From owner-freebsd-security Fri May 21 16:16:37 1999 Delivered-To: freebsd-security@freebsd.org Received: from narcissus.net (narcissus.net [209.73.230.146]) by hub.freebsd.org (Postfix) with ESMTP id D8F2914DF2 for ; Fri, 21 May 1999 16:16:27 -0700 (PDT) (envelope-from ben@narcissus.net) Received: by narcissus.net (Postfix, from userid 1000) id 2EE85184; Fri, 21 May 1999 19:08:00 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by narcissus.net (Postfix) with SMTP id 1FC7D183; Fri, 21 May 1999 19:08:00 -0400 (EDT) Date: Fri, 21 May 1999 19:08:00 -0400 (EDT) From: Snob Art Genre To: Patrick Bihan-Faou Cc: Darren Reed , Gregory Sutter , wes@softweyr.com, imp@harmony.village.org, ilmar@ints.ru, posix1e@cyrus.watson.org, freebsd-security@FreeBSD.ORG Subject: Re: secure deletion In-Reply-To: <19990520145800.B5E31150AF@hub.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 20 May 1999, Patrick Bihan-Faou wrote: > - basic: what the original poster was suggesting: writing garbage data (be > it zero or some pattern) over the deleted chunks. The clear advantage of > that is that if you try to recover the freed blocks on a system comparable > to the original system, you will probably not get anything useful out of the > disk. If I understand correctly, it's conceivable that someone could break into my system over the network and get access to the raw disk device, and thereby read data that have been deleted but not overwritten. That's a good bit easier than physically breaking in and taking the disk. So I can see some use for functionality that overwrites files on unlink() thoroughly enough to prevent further reading by the disk head, even if it offers no protection against the kind of specialized reading devices that can be used on a captured hard disk platter. I'm not advocating this measure so much as pointing out that there is a perceptible level of security between what we currently have and military-grade. Ben @narcissus.net -- finally To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message