[sclug] Clearing out file system dead space

[Graham Swallow]

You would think that the various SECLINUX projects would have this covered,
with the correct kernel hooks (instead of LD_PRELOAD), or the undelete
users.

If you are not actually running anything, you could dd if=/dev/zero
of=del_me_soon
That would increase your compression (clonezilla), but ruin your encryption
strength, so you might use /dev/random instead
(for the first megabyte-1 then loop over itself?)

You could also use loopback mounted files for TEMP work areas,
and scrub them yourself, reducing the churn on your main storage.
Then develop a style where your laptop is a 'checked-out-copy' of
your main server, with local edits seeking to be checked back in
and scrubbed, almost like 'mc' when it edits a text file within a tgz.

Also a multi-layered unionfs (like puppy uses) might help,
as you can clean up each layer, whenever you choose to.

Graham

Ed Davies wrote:
>
> > E.g., after working on a project under NDA or otherwise
> > handling confidential information (keys, data covered
> > by the data protection act, etc) you don't want to leave
> > any blocks from all the various edits and such on a
> > laptop which you're going to carry around.
>
>