From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alexander Holler <holler@ahsoftware.de>
Subject: Re: [PATCH 1/5] WIP: Add syscall unlinkat_s (currently x86* only)
Date: Tue, 03 Feb 2015 09:01:36 +0100
Message-ID: <54D08060.7070504@ahsoftware.de>
References: <1422896713-25367-1-git-send-email-holler@ahsoftware.de> <1422896713-25367-2-git-send-email-holler@ahsoftware.de> <20150203060542.GZ29656@ZenIV.linux.org.uk> <54D071AA.1030302@ahsoftware.de> <20150203075616.GA29656@ZenIV.linux.org.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
To: Al Viro <viro@ZenIV.linux.org.uk>
Return-path: <linux-kernel-owner@vger.kernel.org>
In-Reply-To: <20150203075616.GA29656@ZenIV.linux.org.uk>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

Am 03.02.2015 um 08:56 schrieb Al Viro:

> While we are at it, "overwrite with zeroes" is too weak if the attacker
> might get hold of the actual hardware.  Google for details - it's far too
> long story for l-k posting.  Look for data recovery and secure data erasure...

You might read

http://link.springer.com/chapter/10.1007/978-3-540-89862-7_21

Here is an article in german about that:

http://www.heise.de/security/meldung/Sicheres-Loeschen-Einmal-ueberschreiben-genuegt-198816.html

In short, it's enough to overwrite it once with zeros,