Re: Secure deletion

Chris Wedgwood (chris@cybernet.co.nz)
Thu, 23 Jul 1998 19:34:36 +1200


On Wed, Jul 22, 1998 at 11:10:53PM -0700, Jeffrey B. Siegal wrote:

> I am familiar with the issues involved, but there are different levels of
> security. If I want deleted data to be secure from reading (the raw
> device) at the software level, even if root is compromised, simply
> overwriting it on the disk is sufficient.

OK, fair enough. At one point, you could set an e2fs attribute and when the
file was deleted, the blocks previously occupied were zeroed.

I guess this is something to add to the fs-wish list for 2.3.x and ext2+ or
whatever sct ends up calling it? (tasaf - Ted And Steves Amazing
Filesystem?)

> It belongs in the kernel because that's the only place it can be done, and
> it is certainly part of the filesystem functionality (which is part of the
> kernel). For some applications where security is more important than
> performance, a simple filesystem with this functionality would be an
> acceptable replacement for ext2.

A simple over-write can be done in the kernel, but the complex methods
employed by SFS and similar programs would be way overkill.

As you point out though, zeroing should suffice in many cases.

> This page does not exist.

Grr... lart me, it moved.

Try: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

-Chris
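
A user-space approximation of the zero-on-delete behaviour discussed in this message, as an added example that is not part of the original post or of any kernel or e2fs code. It assumes the filesystem rewrites a file's existing blocks in place; `zero_and_unlink` and `demo_leftover_bytes` are names made up for this example.

```c
/* Added example (not from the thread): zero a file in place, then unlink it. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Overwrite every byte of a regular file with zeros, force the data to the
 * device, then remove the name. Returns 0 on success, -1 on failure. */
int zero_and_unlink(const char *path)
{
    static const char zeros[4096];       /* static storage: all zero bytes */
    struct stat st;
    int fd = open(path, O_WRONLY);       /* no O_TRUNC: keep the same blocks */
    if (fd < 0) return -1;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode))
        goto fail;
    for (off_t left = st.st_size; left > 0; ) {
        size_t want = left < (off_t)sizeof zeros ? (size_t)left : sizeof zeros;
        ssize_t n = write(fd, zeros, want);
        if (n <= 0)
            goto fail;
        left -= n;                       /* short writes simply loop again */
    }
    if (fsync(fd) < 0)                   /* zeros must be flushed before unlink */
        goto fail;
    return close(fd) < 0 ? -1 : unlink(path);
fail:
    close(fd);
    return -1;
}

/* Constructed check: a descriptor opened before the delete still reaches the
 * inode afterwards. Returns the count of non-zero bytes left, -1 on error. */
long demo_leftover_bytes(void)
{
    char path[] = "/tmp/zdelXXXXXX", buf[8192];
    long bad = 0;
    int fd = mkstemp(path);              /* read/write descriptor, kept open */
    if (fd < 0) return -1;
    for (int i = 0; i < 1000; i++)       /* 7000 bytes of constructed data */
        if (write(fd, "secret!", 7) != 7) return -1;
    if (zero_and_unlink(path) < 0 || access(path, F_OK) == 0) return -1;
    ssize_t n = pread(fd, buf, sizeof buf, 0);
    for (ssize_t i = 0; i < n; i++) bad += buf[i] != 0;
    close(fd);
    return n == 7000 ? bad : -1;
}

int main(void) { return demo_leftover_bytes() != 0; }
```

This only covers the file's current data blocks; copies made earlier by truncation, rewriting under a new name, or a filesystem that does not overwrite in place are outside what a user-space pass can reach.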
