From owner-freebsd-security  Thu Nov 18 20:47: 2 1999
Delivered-To: freebsd-security@freebsd.org
Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108])
	by hub.freebsd.org (Postfix) with ESMTP
	id D6A0B14CB0; Thu, 18 Nov 1999 20:47:00 -0800 (PST)
	(envelope-from danderse@faith.cs.utah.edu)
Received: (from danderse@localhost)
	by faith.cs.utah.edu (8.9.3/8.9.3) id VAA22206;
	Thu, 18 Nov 1999 21:46:55 -0700 (MST)
From: David G Andersen <danderse@cs.utah.edu>
Message-Id: <199911190446.VAA22206@faith.cs.utah.edu>
Subject: Re: secure filesystem wiping
To: barrett@phoenix.aye.net (Barrett Richardson)
Date: Thu, 18 Nov 1999 21:46:55 -0700 (MST)
Cc: wes@softweyr.com, kris@hub.freebsd.org, trouble@netquick.net,
	danderse@cs.utah.edu, freebsd-security@FreeBSD.ORG
In-Reply-To: <Pine.BSF.4.01.9911182331400.18537-100000@phoenix.aye.net> from "Barrett Richardson" at Nov 18, 99 11:37:34 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Lo and behold, Barrett Richardson once said:
> 
> Also, will my system choke if I mmap a 250 MB file on a system
> with 32 MB of ram? That was why I was thinking of obliterating
> files in strips.

Not if you do it right.  Do it in blocks, and use madvise 
(try MADV_SEQUENTIAL on the whole region, or simply MADV_DONTNEED each
block after you're done).  I'd wager that MADV_SEQUENTIAL will give you
exactly the behavior you're looking for if you do something like:

Blocks in terms of pagesize would be particularly appropriate, yes. :)

blocks = filesize/PAGE_SIZE;
for (block = 0; block < blocks; block++) {
   for (i = 0; i < PAGE_SIZE; i++) {
      scribble, scrabble, Z=10 points.
   }
}

Note that the pseudocode doesn't overwrite multiple times, and that's on
purpose.  If you're going through the mmap interface and not the raw
device, I don't think you're really going to have enough control over
things to do multiple pass overwrites.  But this should work just fine for
nuking those unsightly blemishes left over on your filesystem.

  -Dave

-- 
work: dga@lcs.mit.edu                          me:  dga@pobox.com
      MIT Laboratory for Computer Science           http://www.angio.net/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message