| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 24 Nov 2008 15:56:10 +0100
From: Martin Steigerwald <Martin@...htvoll.de>
To: Henrique de Moraes Holschuh <hmh@....eng.br>
Cc: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
phillip@...gher.demon.co.uk, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: Zero-clearing all zero-clearable bytes.
Hi!
Am Sonntag 23 November 2008 schrieben Sie:
> On Sun, 23 Nov 2008, Tetsuo Handa wrote:
> > What I wanted to do is "Zero-clearing *all zero-clearable* bytes".
> Other than acessing the fs directly with something fs-specific that
> knows how to do it, the following trick comes to mind:
>
> 1. compress all files to a tar.bz2.
> 2. remove all files
> 3. zero fs using dd to a file (will zero all blocks except for the ones
> used by the tar.bz2
> 4. unpack tar.bz2
> 5. remove tar.bz2
> 6. redo the dd trick. This will now zero all blocks that were in use by
> the tar.bz2.
>
> Of course, this only works if the (kernel, glibc, tar) are not writing
> random junk to the unused parts of a fs block.
>
> The cost is from 1 to 3 rm'ed inodes left behind. If you use two
> filesystems (i.e. tar to outside the filesystem), you avoid that
> possibility.
>
> > I wished there is a utility to zero-fill such bytes.
>
> So do I. And a IOCTL/syscall/whatever that we could use to sanitize
> (i.e. fill with an user-supplied byte) half-used blocks, so that we
> could have it on the most used filesystems (ext2, ext3, xfs,
> reiser...), and that we could implement scrub-erasing of unused
> filesystem areas properly.
There are at least 2 tools - I think there was even another one. I did not
test them and do not know whether they work on singular inode basis.
Debian Package zerofree:
Description: zero free blocks from ext2/3 file-systems
Zerofree finds the unallocated, non-zeroed blocks in an ext2 or ext3
file-system and fills them with zeroes. This is useful if the device
on which this file-system resides is a disk image. In this case,
depending on the type of disk image, a secondary utility may be able
to reduce the size of the disk image after zerofree has been
run. Zerofree requires the file-system to be unmounted or mounted
read-only.
.
The usual way to achieve the same result (zeroing the unallocated
blocks) is to run "dd" do create a file full of zeroes that takes up
the entire free space on the drive, and then delete this file. This
has many disadvantages, which zerofree alleviates:
* it is slow;
* it makes the disk image (temporarily) grow to its maximal extent;
* it (temporarily) uses all free space on the disk, so other
concurrent write actions may fail.
.
Zerofree has been written to be run from GNU/Linux systems installed
as guest OSes inside a virtual machine. If this is not your case, you
almost certainly don't need this package.
Debian Package wipe2fs:
Package: wipe2fs
Priority: extra
Section: admin
Installed-Size: 112
Maintainer: Martin A. Godisch <godisch@...ian.org>
Architecture: i386
Version: 0.2.1-1
Depends: e2fslibs, libc6 (>= 2.7-1), libcomerr2 (>= 1.33-3)
Filename: pool/main/w/wipe2fs/wipe2fs_0.2.1-1_i386.deb
Size: 14150
MD5sum: da0c0d4319fda08a1f5fc7a92f5b2535
SHA1: 2f7d55fbfda34b328b67f17e5e2e26d8f853bdac
SHA256: 569bc452331b1067f49ba5aaf36dd7bb357036307b79156c4d7c5beaa2a17545
Description: Securely wipe unused space in ext2/3 filesystems
This users-pace program locates unused space in ext2/3 filesystems
and overwrites the space with zero. wipe2fs also reaches the slack
space at the end of files, it does not require kernel filesystem
support.
Homepage: http://web.cecs.pdx.edu/~cklin/wipe2fs/
Ciao,
--
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7
Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists