From owner-freebsd-security Thu May 20 10:49:40 1999 Delivered-To: freebsd-security@freebsd.org Received: from host07.rwsystems.net (kasie.rwsystems.net [209.197.192.103]) by hub.freebsd.org (Postfix) with ESMTP id 8F6BB15238 for ; Thu, 20 May 1999 10:49:35 -0700 (PDT) (envelope-from jwyatt@RWSystems.net) Received: from kasie.rwsystems.net([209.197.192.103]) (1553 bytes) by host07.rwsystems.net via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Thu, 20 May 1999 12:31:08 -0500 (CDT) (Smail-3.2.0.104 1998-Nov-20 #1 built 1998-Dec-24) Date: Thu, 20 May 1999 12:31:06 -0500 (CDT) From: James Wyatt To: "Ilmar S. Habibulin" Cc: posix1e@cyrus.watson.org, freebsd-security@freebsd.org Subject: Re: secure deletion In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 19 May 1999, Ilmar S. Habibulin wrote: > May be it's an freebsd-fs@ question, but i think that it belings here to. > I heard that some linux fs (maybe extfs2?) have some secure deletion flag, > which being set on inode(file or dir) cause content of this file to be > wiped before deletion, so even if somebody manage to restore file, its > content would be unusable. I think, that it is nice feature, and i would > like to see it in freebsd. What would you say? My first thought was, what a great idea for /etc/master.passwd which gets flushed every time a user updates their password. Good idea for any file containing decrypted data. My second thought of the impact of support for wiping in the kernel... If I really wanted to slow down a server I didn't like, setting this flag for files in /tmp and CGI-interim results piping and caching sounds like it could quietly drive disk IO up quite a bit. - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message