Re: FreeBSD VM gremlin

From: Warner Losh (impat_private)
Date: Fri Sep 18 1998 - 12:29:29 PDT

Next message: Charles M. Hannum: "Re: FreeBSD VM gremlin"

Previous message: Warner Losh: "Re: FreeBSD VM gremlin"
Maybe in reply to: Charles M. Hannum: "FreeBSD VM gremlin"
Next in thread: Charles M. Hannum: "Re: FreeBSD VM gremlin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <199809181149.HAA21721at_private> "Charles
M. Hannum" writes:
:
: > You should have md5 checksums of files that you are concerned about,
: > as timestamps are useless in the face of a good attacker.
:
: Rubbish!  A checksum doesn't tell me that someone hadn't temporarily
: replaced the file and has now put the original back.

Ummm, you still can't tell that for a competant attacker.  A good
attacker can set the system time, frob the file, set it back let time
pass and then do the same thing to get the original back.  You'd never
know.

It is a bug in the FreeBSD VM system where a page gets marked as
dirty, but the underlying pages are hardware protected against write,
so the same contents are written out.

Warner

Next message: Charles M. Hannum: "Re: FreeBSD VM gremlin"
Previous message: Warner Losh: "Re: FreeBSD VM gremlin"
Maybe in reply to: Charles M. Hannum: "FreeBSD VM gremlin"
Next in thread: Charles M. Hannum: "Re: FreeBSD VM gremlin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:16:44 PDT