Date: Sun, 21 Apr 2002 01:00:27 +0200 From: Matthias Buelow <mkb@mukappabeta.de> To: Paul Everlund <tdv94ped@cs.umu.se> Cc: bts@babbleon.org, jonc@chen.org.nz, freebsd-questions@FreeBSD.ORG Subject: Re: cat: A bug or just as it should be? Message-ID: <20020421010027.2b2a2b72.mkb@mukappabeta.de> In-Reply-To: <3CC136ED.28E55794@cs.umu.se> References: <3CC08E8E.B5EEEA90@cs.umu.se> <20020420102030.A6992@grimoire.chen.org.nz> <3CC099F8.531ECECE@cs.umu.se> <20020420034724.4FA12BB39@i8k.babbleon.org> <3CC136ED.28E55794@cs.umu.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Paul Everlund <tdv94ped@cs.umu.se> writes: >Anyway, due to security reasons, I believe that removed directories and files >should be zeroed out, and hence not viewable by 'cat *', but doing that maybe >have some disadvantages that I do not know of. Files can be overwritten via the (nonportable) "-P" option to rm(1), which assumes of course that you're using a UFS-style filesystem, which does not move file data around physically on the platters, LFS for example does not guarantee this, since it writes its log (which contains the data) on disk wherever there is free space. It also would not work via NFS when the server is using a filesystem which does such things and you might not even know about it. Altogether, you cannot rely on that your files really get overwritten and companies that are specialized in data recovery often also succeed in bringing back data from overwritten disk blocks because the magnetization is not limited to the exact boundaries on the platters, and similar electromagnetical effects (that's why at some companies and military/government organizations harddisks with sensitive data aren't just overwritten but shreddered and often melted). Of course, a filename may also convey information about what was stored and it might IMHO be beneficial if the kernel would just refuse to let the userland open directories directly; it would help in a case where simply your account was hijacked. Overwriting a directory slot when it's freed is IMHO not really required (filenames might also end up in other disk blocks which you can not easily access, like in deleted temporary files or on swap, when pages which belong to programs which have processed those filenames have been written out, or they may show up over the network etc. --mkb To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020421010027.2b2a2b72.mkb>