Date: Sun, 31 Oct 2010 10:48:45 -0700 From: Tim Kientzle <tim@kientzle.com> To: Pawel Jakub Dawidek <pjd@FreeBSD.org> Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org, Ulrich Spoerlein <uqs@FreeBSD.org> Subject: Re: svn commit: r214596 - head/bin/rm Message-ID: <E323B04A-EF29-42F2-84DA-895111D88384@kientzle.com> In-Reply-To: <20101031160603.GD2160@garage.freebsd.pl> References: <201010310921.o9V9LSo4075408@svn.freebsd.org> <20101031160603.GD2160@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Oct 31, 2010, at 9:06 AM, Pawel Jakub Dawidek wrote: > On Sun, Oct 31, 2010 at 09:21:28AM +0000, Ulrich Spoerlein wrote: >> Author: uqs >> Date: Sun Oct 31 09:21:27 2010 >> New Revision: 214596 >> URL: http://svn.freebsd.org/changeset/base/214596 >> >> Log: >> Elaborate some more on the non-security implications of using -P > [...] >> +.Pp >> +N.B.: The >> +.Fl P >> +flag is not considered a security feature >> +.Pq see Sx BUGS . > > I'm sorry for jumping so late into the subject, but if it is not a > security feature than what other purpose has left? > > Really guys, this option is useless. I completely agree. > There is no reliable way to verify if the blocks are really overwritten. > Period. Not from userspace, no. I think the only reasonable approach is to add a new syscall (unlink_with_overwrite(2)?) and chase the implications down through the filesystem, GEOM, and driver interfaces. Tim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E323B04A-EF29-42F2-84DA-895111D88384>