From owner-freebsd-security  Wed May 19 13:42:35 1999
Delivered-To: freebsd-security@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP id C496614CF2
	for <freebsd-security@FreeBSD.ORG>; Wed, 19 May 1999 13:42:32 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id OAA63631;
	Wed, 19 May 1999 14:41:23 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id OAA01463; Wed, 19 May 1999 14:41:14 -0600 (MDT)
Message-Id: <199905192041.OAA01463@harmony.village.org>
To: "Ilmar S. Habibulin" <ilmar@ints.ru>
Subject: Re: secure deletion 
Cc: posix1e@cyrus.watson.org, freebsd-security@FreeBSD.ORG
In-reply-to: Your message of "Wed, 19 May 1999 16:01:45 +0400."
		<Pine.BSF.4.05.9905191535110.7728-100000@ws-ilmar.ints.ru> 
References: <Pine.BSF.4.05.9905191535110.7728-100000@ws-ilmar.ints.ru>  
Date: Wed, 19 May 1999 14:41:14 -0600
From: Warner Losh <imp@harmony.village.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <Pine.BSF.4.05.9905191535110.7728-100000@ws-ilmar.ints.ru> "Ilmar S. Habibulin" writes:
: May be it's an freebsd-fs@ question, but i think that it belings here to.
: I heard that some linux fs (maybe extfs2?) have some secure deletion flag,
: which being set on inode(file or dir) cause content of this file to be
: wiped before deletion, so even if somebody manage to restore file, its
: content would be unusable. I think, that it is nice feature, and i would
: like to see it in freebsd. What would you say?
: 
: PS. I have implementation of this feature for freebsd-2.2.5. May be i can
: port it to 3.x.

Does it doe the DoD recommended patter of deletion?  That is overwrite
the blocks with sever different series of bit patterns to make it
impossible to recover using the usual techniques, or is it just a
bzero of the blocks in question?  The former is secure deletion, the
latter is too insecure for most people that want this feature...

Warner

P.S.  I do think a port of even the latter would be a good thing.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message