Date: Sat, 26 Jun 1999 10:26:37 +1000 (EST) From: Nicholas Brawn <ncb@zip.com.au> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: Jason Young <doogie@anet-stl.com>, cjclark@home.com, freebsd-security@FreeBSD.ORG Subject: Re: Secure Deletion Message-ID: <Pine.LNX.4.05.9906261020200.25202-100000@zipper.zip.com.au> In-Reply-To: <Pine.BSF.3.96.990625145942.19134A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 25 Jun 1999, Robert Watson wrote: > > > On a related noted, Ross Anderson and others wrote a paper on > steganographic file systems > > http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/sfs3.ps.gz > > That is, file systems intended to hide even the presence of files if the > user is not authorized, cryptographically. Ross has suggested I port the > linux code to FreeBSD while I'm at Cambridge for the next few weeks. > Given the backlog of Posix.1e stuff, I may not get around to it, but it's > an interesting concept. I pondered a similar idea a while back. However I was curious of how to address a situation like the following: user 'a' creates "myfile" in /tmp. user 'b' is perusing /tmp, and decides to create a file called "myfile". What is the response at this stage? Does the OS tell 'b' that their permission is denied, resulting in a potential for bruteforcing the existance of hidden files? Alternatively, you could allow 'b' to create "myfile", and have a psuedo file system that is only makes files created available to owners of the file, but allowing multiple occurences of "myfile" to exist in the same logical file system. But then you'd have to think about how you could make files available to others. Nick > > It does bring up the issue of meta-data, however. Probably, disk sectors > should be marked as needing real wiping, and inodes + directory entries > need to be similarly treated after file deletion. (this in FreeBSD-land > again, not the SFS). > > Robert N M Watson > > robert@fledge.watson.org http://www.watson.org/~robert/ > PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 > > Carnegie Mellon University http://www.cmu.edu/ > TIS Labs at Network Associates, Inc. http://www.tis.com/ > Safeport Network Services http://www.safeport.com/ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9906261020200.25202-100000>