Date: Sat, 17 Jul 2004 15:23:24 +0100 (BST) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: David Kreil <kreil@ebi.ac.uk> Cc: freebsd-questions@freebsd.org Subject: Re: "sanitizing" disks: wiping swap, non-allocated space, and file-tails Message-ID: <Pine.GSO.4.61.0407171520120.12724@mail.ilrt.bris.ac.uk> In-Reply-To: <200407170204.i6H24iT16753@puffin.ebi.ac.uk> References: <200407170204.i6H24iT16753@puffin.ebi.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 17 Jul 2004, David Kreil wrote: > I wonder, in particular, how "system" directories like /var would be > kept on a gdbe partition. Much like any other, but the major issue is that, unlike /tmp/ and swap (which can be wiped clean when a machine boots with no ill effects), other partitions need to persist. That means you need to do one of two things: 1. Be available when the machine boots to enter the keys to mount the persistent partitions; or 2. Store those keys somewhere so the machine can do it for you. If you choose (2) then you might as well not use an encrypted partition; secure use needs human intervention. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/ If it's broken really badly - don't fix it either.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.61.0407171520120.12724>