Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 20 Apr 2002 17:59:41 -0400
From:      Brian T.Schellenberger <bts@babbleon.org>
To:        Paul Everlund <tdv94ped@cs.umu.se>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: cat: A bug or just as it should be?
Message-ID:  <20020420215941.52D82BB29@i8k.babbleon.org>
In-Reply-To: <3CC136ED.28E55794@cs.umu.se>
References:  <3CC08E8E.B5EEEA90@cs.umu.se> <20020420034724.4FA12BB39@i8k.babbleon.org> <3CC136ED.28E55794@cs.umu.se>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Saturday 20 April 2002 05:37 am, you wrote:
| Anyway, due to security reasons, I believe that removed directories and
| files should be zeroed out, and hence not viewable by 'cat *', but doing
| that maybe have some disadvantages that I do not know 

Really, they aren't zeroed for reasons of efficiency.

I'm not sure what security hole would be plugged by erasing the *name* of the 
old file, but the contents are not, in general, erased either.  I mean it's 
likely that they will get reused "soon" but there's no guarantee of that sort 
of thing.  If security is a serious concern, you should install cfs or 
something of that ilk.  That's what I do.

The base file system is not meant to provide any security against somebody 
who has permissions.  Since anybody can (with default security settings) boot 
in single-user mode without a password and function as root, that means that 
there's no security against anybody with knowledge and physical access to the 
system.

If need security of that sort, then cfs provides it.  (At some cost in 
convenience.)  With cfs, even root can't get to your files.  (This can be a 
pain sometimes, but it's good security.)

-- 
Brian T. Schellenberger . . . . . . .   bts@wnt.sas.com (work)
Brian, the man from Babble-On . . . .   bts@babbleon.org (personal)
                                        http://www.babbleon.org

http://www.eff.org                      http://www.programming-freedom.org 

If you smell the smoke you don't need to be told what you've got to do;
Yet there's a certain breed, so very in-between, they'd rather take a
vote.   -- DEVO  --  Here To Go

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020420215941.52D82BB29>