Re: [PATCH 1/5] WIP: Add syscall unlinkat_s (currently x86* only)

[Alexander Holler]

Am 03.02.2015 um 09:10 schrieb Al Viro:
> On Tue, Feb 03, 2015 at 09:01:36AM +0100, Alexander Holler wrote:
> > Am 03.02.2015 um 08:56 schrieb Al Viro:
> >
> > > While we are at it, "overwrite with zeroes" is too weak if the attacker
> > > might get hold of the actual hardware.  Google for details - it's far too
> > > long story for l-k posting.  Look for data recovery and secure data erasure...
> >
> > You might read
> >
> > http://link.springer.com/chapter/10.1007/978-3-540-89862-7_21
> >
> > Here is an article in german about that:
> >
> > http://www.heise.de/security/meldung/Sicheres-Loeschen-Einmal-ueberschreiben-genuegt-198816.html
> >
> > In short, it's enough to overwrite it once with zeros,
>
> Regardless of the media used?  How does that work on e.g. flash?

That's why "secure trim" should be used if available. Blame the storage 
people for not offering it. But as I've already mentioned, they would 
just answer that filesystems don't (didn't) delete files anyway.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/