Date: Sat, 22 May 1999 10:01:10 -0600 From: Wes Peters <wes@softweyr.com> To: Warner Losh <imp@harmony.village.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: secure deletion Message-ID: <3746D4C6.4A284FE0@softweyr.com> References: <Pine.BSF.4.05.9905221042250.25097-100000@ws-ilmar.ints.ru> <199905220836.CAA02030@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote:
>
> In message <Pine.BSF.4.05.9905221042250.25097-100000@ws-ilmar.ints.ru> "Ilmar S. Habibulin" writes:
> : On 21 May 1999, Dag-Erling Smorgrav wrote:
> :
> : > Because a mount option can be changed at runtime, whereas a kernel
> : > option cannot. A mount option would allow you to enable the security
> : > feature on file systems which need it but not on file systems which do
> : > not need it, whereas a kernel option would enable it unconditionally
> : > on all file systems.
> : And what about it? I just don't understand why this option must be
> : fs-specific. If file have no flag, it would be deleted in ordinary way.
>
> I think that what people are saying, if I understand them correctly,
> is that it would be desirable if an entire file system could be told
> to do the shredding delete. This would make it useful for a
> filesystem mounted on /tmp, for example.
If you're really concerned about security, you'll want this on enabled
on swap spaces, too, just in case sensitive data got swapped to disk.
You can't avoid having it on disk while the page is active, but certainly
want it securely erased when the page is no longer in use.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.softweyr.com/~softweyr wes@softweyr.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3746D4C6.4A284FE0>