Re: securely deleting files

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Hans Reiser <reiser@namesys.com>
To: Jason Holt <jason@lunkwill.org>
Cc: reiserfs-list@namesys.com, Edward Shishkin <edward@namesys.com>
Subject: Re: securely deleting files
Date: Tue, 06 May 2003 14:37:26 +0400	[thread overview]
Message-ID: <3EB79066.3000205@namesys.com> (raw)
In-Reply-To: <Pine.LNX.4.44.0305060522270.20364-100000@potato.zayda.com>

Jason Holt wrote:

>shred is a tool which is supposed to overwrite files so that they're
>unrecoverable, even with fairly involved recovery techniques.  
>
>But it isn't guaranteed to work - sensitive blocks may get moved around on the
>physical disk, stored in journals, etc.
>
>So here's how I get around it:
>
>$ cat >sensitive
>there's something sensitive in this file...
>
>$ rm sensitive
>$ cat /dev/zero    >foo ; sync ; rm foo  # Fill up the disk, then delete.
>$ cat /dev/urandom >foo ; sync ; rm foo  # For the *truly* paranoid
>
>Now, a good friend of mine pointed out that part of the space on a filesystem
>is kept aside just for root, so you may want to fill the disk up as root.  
>(Is this actually a concern?  Can blocks which used to hold user data end up
>being reserved?) 
>
Yes.

Edward, please put this in the faq, credit Jason, add a note that this 
will not protect against media scans using special equipment because 
writes and overwrites are not always equally aligned.

> 
>
>Also, if your sensitive file was in memory recently it might have been swapped
>out, in which case it may still be in the swap partition.  I have a program
>which fills up all available *memory* as well, and I could post the source
>here if everyone's interested.
>
>						-J
>
>
>
>  
>


-- 
Hans

next prev parent reply	other threads:[~2003-05-06 10:37 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-05-06  5:37 securely deleting files Jason Holt
2003-05-06 10:37 ` Hans Reiser [this message]
2003-05-12  7:50 ` Oleg Drokin
2003-05-12 10:39   ` Hans Reiser
2003-05-12 10:44     ` Oleg Drokin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3EB79066.3000205@namesys.com \
    --to=reiser@namesys.com \
    --cc=edward@namesys.com \
    --cc=jason@lunkwill.org \
    --cc=reiserfs-list@namesys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.