On Wed, 13 Dec 2006, Steven M. Bellovin wrote:

> Is there any way to list all active cgd devices?  I want to add
> code /etc/apm/suspend to cgdconfig all such devices....

Just out of curiousity, what are you going to do to them?

The suspend thing has been an issue I've been grappling with for a
while. Eventually, I ended up taking the debugger out of the kernel,
running xlock on suspend, and running shutdown with a two minute timeout
on wakeup. (The idea is that that limits the amount of time an attacker
has to get to the contents of memory before it goes away.)

cjs
-- 
Curt Sampson            <cjs@cynic.net>             +81 90 7737 2974
   The power of accurate observation is commonly called cynicism
   by those who have not got it.    --George Bernard Shaw