| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <54D08413.80600@ahsoftware.de> Date: Tue, 03 Feb 2015 09:17:23 +0100 From: Alexander Holler <holler@...oftware.de> To: Al Viro <viro@...IV.linux.org.uk> CC: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/5] WIP: Add syscall unlinkat_s (currently x86* only) Am 03.02.2015 um 09:10 schrieb Al Viro: > On Tue, Feb 03, 2015 at 09:01:36AM +0100, Alexander Holler wrote: >> Am 03.02.2015 um 08:56 schrieb Al Viro: >> >>> While we are at it, "overwrite with zeroes" is too weak if the attacker >>> might get hold of the actual hardware. Google for details - it's far too >>> long story for l-k posting. Look for data recovery and secure data erasure... >> >> You might read >> >> http://link.springer.com/chapter/10.1007/978-3-540-89862-7_21 >> >> Here is an article in german about that: >> >> http://www.heise.de/security/meldung/Sicheres-Loeschen-Einmal-ueberschreiben-genuegt-198816.html >> >> In short, it's enough to overwrite it once with zeros, > > Regardless of the media used? How does that work on e.g. flash? That's why "secure trim" should be used if available. Blame the storage people for not offering it. But as I've already mentioned, they would just answer that filesystems don't (didn't) delete files anyway. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists