From owner-freebsd-security Thu May 20 13:46:27 1999 Delivered-To: freebsd-security@freebsd.org Received: from mx01.iafrica.com.na (mx01.iafrica.com.na [196.31.227.173]) by hub.freebsd.org (Postfix) with ESMTP id 34F9915090 for ; Thu, 20 May 1999 13:46:20 -0700 (PDT) (envelope-from tim@iafrica.com.na) Received: from dup102-whk.iafrica.com.na ([196.20.4.205] helo=aptiva) by mx01.iafrica.com.na with smtp (Exim 2.11 #1) id 10kZhT-000GOJ-00; Thu, 20 May 1999 21:45:55 +0100 Message-ID: <374474D4.2263@iafrica.com.na> Date: Thu, 20 May 1999 22:47:16 +0200 From: Tim Priebe Reply-To: tim@iafrica.com.na X-Mailer: Mozilla 3.01 (Win95; I) MIME-Version: 1.0 To: Joel Maslak Cc: security@freebsd.org Subject: Re: Secure Deletion References: <3.0.6.32.19990520095507.00840010@india.wind-river.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Joel Maslak wrote: > > Let's keep standard BSD semantics here, please! > > As for "secure" deletion... Why doesn't someone just write a simple > user-space program to do that. True, it wouldn't handle calls to unlink(), > but one would think that someone could modify the library really quick > (provided no one does a system call directly, but uses the libc interface > instead). I think this would be much better for everyone involved. > > Some problems with my idea... > > Static-linked executables would need to be recompiled > Library would need to be modified on "secure" systems > > If all you want is a way to force a file to go away from the command line, > just rewrite rm. From my understanding of ffs, this would not be sufficiant. As a file grows, it is possible that the data is copied from its initial location to a new one. To not just give a false sense of security these block fragments would have to be over written after the data is copied, or some of the data could still be sitting on the drive after you think it is gone. Tim. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message