Re: [patch] rm can have undesired side-effects
- From: Tim Clewlow <tim1timau@xxxxxxxxx>
- Date: Tue, 31 Oct 2006 10:11:20 -0800 (PST)
--- Bakul Shah <bakul@xxxxxxxxxxxxx> wrote:
Having thought this over some more, if aadded
shred/scramble/scrub command is created in its own
right, then a number of new features could be
that do not currently exist.
- The command could be writen to protect a single
file, or, it could also write to an entire file
system/media.
These won't share much beyond what patterns to write
and how many times.
- The command could offer many types ofrandomising
possiblities, eg the current 0xff, 0x00, 0xff; orthe
perhaps /dev/random could be written; or perhaps
user could specify exactly what is to be used torules
overwrite the file/file system - from memory some
large organistations (govt depts) have specific
about how files/file systems should be overwrittenno-one
before old medie is thrown out and replaced (so
can scavenge the media and read sensitive data)
IMHO even this does not address paranoia very well.
The
point of rm -P is to make sure freed blocks on the
disk don't
have any useful information. But if the bad guy can
read the
disk *while* it also holds other files on it, the
battle is
already lost as presumably he can also read data in
live
files. If you are using rm -P in preparation to
throwing a
disk away, you may as well just use a whole disk
scrubber.
If you are using rm -P to prevent a nosy admin to
look at
your sensitive data, you will likely lose. He can
easily
replace rm with his own command. A separate scrub
command
may help since you can verify the data is erased.
This is not to say rm -P or scrub is not helpful.
If you
know what you are doing it is perfectly adequate.
But if you
don't or you make mistakes, it will give you a false
sense of
security. For example, once a file is unlinked
through some
other means (such as mv) you don't have a handle on
it any
more to scrub. Basically you lost the ability to
scrub your
data due to a mistake. Worse, editing such a file
may free
unscrubbed blocks. A separate command won't help.
This is why I suggested to have the system do this
for you
(through a mount option -- I don't care enough to
want to
implement it).
Kind of thinking out loud here, apologies if its
noisy, Tim.
If the end result is clear headed go right ahead!
Having cleared my head a bit more, I realise most of
this can be done with consecutive runs of 'dd'.
I think I've reached a conclusion here.
Tim.
____________________________________________________________________________________
Low, Low, Low Rates! Check out Yahoo! Messenger's cheap PC-to-Phone call rates
(http://voice.yahoo.com)
_______________________________________________
freebsd-hackers@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@xxxxxxxxxxx"
- References:
- Re: [patch] rm can have undesired side-effects
- From: Bakul Shah
- Re: [patch] rm can have undesired side-effects
- Prev by Date: Re: [patch] rm can have undesired side-effects
- Next by Date: Compile Issue: "cannot find -ldl"
- Previous by thread: Re: [patch] rm can have undesired side-effects
- Next by thread: Process arguments
- Index(es):
Relevant Pages
|
|
