From owner-freebsd-security Thu May 20 12:41: 9 1999 Delivered-To: freebsd-security@freebsd.org Received: from ints.ru (ints.ru [194.67.173.1]) by hub.freebsd.org (Postfix) with ESMTP id C5D871567A for ; Thu, 20 May 1999 12:40:50 -0700 (PDT) (envelope-from ilmar@ws-ilmar.ints.ru) Received: from ws-ilmar.ints.ru (ws-ilmar.ints.ru [194.67.173.16]) by ints.ru (8.9.2/8.9.2) with ESMTP id XAA04540; Thu, 20 May 1999 23:40:48 +0400 (MSD) Received: from localhost (localhost [127.0.0.1]) by ws-ilmar.ints.ru (8.9.2/8.9.1) with ESMTP id XAA02549; Thu, 20 May 1999 23:40:42 +0400 (MSD) Date: Thu, 20 May 1999 23:40:42 +0400 (MSD) From: "Ilmar S. Habibulin" To: James Wyatt Cc: posix1e@cyrus.watson.org, freebsd-security@freebsd.org Subject: Re: secure deletion In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 20 May 1999, James Wyatt wrote: > My first thought was, what a great idea for /etc/master.passwd which gets > flushed every time a user updates their password. Good idea for any file > containing decrypted data. > > My second thought of the impact of support for wiping in the kernel... If > I really wanted to slow down a server I didn't like, setting this flag for > files in /tmp and CGI-interim results piping and caching sounds like it > could quietly drive disk IO up quite a bit. - Jy@ My thoughts are about an option in kernel config file (WIPEINFO?), which will enable wiping support. To wipe the file before deletion you should set some wipe flag on this file. And i suppose that flag could be set only at the apps' wheel. ;-) I don't see any inheritance mechanism for this flag. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message