| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bug-92271-13602-jLK2Jo000t@https.bugzilla.kernel.org/> Date: Tue, 03 Feb 2015 17:29:29 +0000 From: bugzilla-daemon@...zilla.kernel.org To: linux-ext4@...r.kernel.org Subject: [Bug 92271] Provide a way to really delete files, please https://bugzilla.kernel.org/show_bug.cgi?id=92271 --- Comment #22 from Theodore Tso <tytso@....edu> --- Alexander, merely overwriting the blocks won't necessarily help if you are using a SSD or something like dm-thin. That's the point; such patches will be making promises that can't be kept in all circumstances. In the case of an SSD, it might be require accessing the flash cells directly without the FTL getting in the way. So before you advertise such a scheme, you need to be very clear what your threat model and what capabilities the adversary is supposed to have. And, also, what responsibility you might bear (or a commercial company like Red Hat or SuSE might bear --- both in terms of legal liability and reputational damage) if they advertise such a feature, and then it turns out that the way the user happened to configure their system, it wasn't secure after all. -- Ted -- You are receiving this mail because: You are watching the assignee of the bug. -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists