[Nottingham] Secure deletion of files

Jon Masters jonathan at jonmasters.org
Thu May 26 12:29:56 BST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Martin Garton wrote:

| On Thu, 2005-05-26 at 09:06 +0100, Luke Crowe wrote:
|
|>Why not just chattr it
|>
|>chattr -/+s  filename
|>
|>
|>sets secure deletion on a file basis

| Yes, but from man chattr:
|
| BUGS AND LIMITATIONS
|        The ‘c’, ’s’,  and ‘u’ attributes are not honored by the ext2
and ext3
|        filesystems  as  implemented  in  the  current mainline Linux
kernels.
|        These attributes may be implemented in future versions ext2 and
  ext3.
|
|
| perhaps they haven't bothered because just overwriting with zeros is
not really what some consider secure anyway?

That's why :-) Thanks, Martin.

This comes back to my point about not trusting a disk's built in secure
delete functionalitiy either. If you have no control over the process,
how do you /know/ it actually did what you asked (well, you could try
doing the forensics bit yourself). No, the best thing in cases of
security is always to assume the other guy can't get it right and you
need to do it yourself. Or is that paranoia?

:-)

Jon.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFClbKreTyyexZHHxERAhRtAJwPoXlX1txt3XUksShR13EfW7bsPgCfe7Uk
ch9gN8vejLvtEHJviynSXfY=
=56aE
-----END PGP SIGNATURE-----



More information about the Nottingham mailing list