"secure" file flag?
Ceri Davies
ceri at submonkey.net
Mon Nov 24 15:59:55 PST 2003
On Tue, Nov 18, 2003 at 04:31:32PM -0800, Rayson Ho wrote:
> I am wondering if it is useful to have a "secure" file flag??
>
> The secure file flag will be set for files that contain sensitive data.
> Then the OS will take special care when operating on those "secure"
> files.
>
> e.g. when deleting a "secure" file, the OS will overwrite the file with
> random data.
It would also be useful to have a "noexport" flag, which would have the
NFS code refuse to send it over the network. I could personally use
this for setting on my PGP and SSH keys, while exporting the rest of
/home.
I did look at implementing this, but couldn't find the "correct" place
to do the check for the flag. Any pointers for a kernel newbie?
Ceri
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20031124/6da1060e/attachment.bin
More information about the freebsd-hackers
mailing list