Re: Unswappable memory needed is user space

David F. Newman (buzzwang@agamemnon.ourvillage.com)
Tue, 8 Dec 1998 17:58:43 -0500 (EST)


On Tue, 8 Dec 1998, Richard B. Johnson wrote:

> On Tue, 8 Dec 1998 christophe.leroy5@capway.com wrote:
>
> This doesn't mean that the null-fill will actually get to the physical
> device. Further, filling with a known data-type will allow the data
> to be recovered by hardware means.

I was always under the impression that it was ok if you first
write all 0s and then all 1s and then 0s and 1s and then 1s and
0s over the existing data. Although you don't know if the data
has been moved around on the filesystem because of disk optimizing.
I suppose you could use an encrypted file system. I don't know
if you can do that on Linux, however.

> > My problem is that if the crypting process is swapped out during
> > crypting, one could be able to recover parts of uncrypted file
> > in swap partition.
> >
>
> `man chmod` Only the owner of the swap-file can read it. This should
> not be a user. It should be root. If root isn't trusted, you need
> to find a non-unix OS for your application.
>

Having the most secure system possible won't keep the Feds from
breaking in and confiscating your system. They'll get your
data without the root password. Trust No One!!!!!

---------------------------+
David F. Newman |
buzzwang@ourvillage.com |

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
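
The swap concern quoted in this message (plaintext from the encrypting process ending up in the swap partition) can be addressed from user space by locking the pages that hold the plaintext. The following is an added example, not code from this thread or from the kernel: it assumes POSIX `mlock(2)`, which the message itself does not name, and the `secret_*` helper names are hypothetical.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

struct secret_buf {    /* hypothetical helper type for this example */
    unsigned char *p;  /* page-aligned mapping, NULL if allocation failed */
    size_t len;        /* length rounded up to whole pages */
    int locked;        /* 1 if mlock() succeeded; 0 means pages may be swapped */
    int lock_errno;    /* errno from a failed mlock(), else 0 */
};

static struct secret_buf secret_alloc(size_t want) {
    struct secret_buf b = {0};
    long ps = sysconf(_SC_PAGESIZE);
    size_t page = ps > 0 ? (size_t)ps : 4096;
    size_t len = (want + page - 1) / page * page;
    void *m = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return b;
    b.p = m; b.len = len;
    /* Can fail (ENOMEM/EPERM) when RLIMIT_MEMLOCK is too low: record it. */
    if (mlock(b.p, b.len) == 0) b.locked = 1; else b.lock_errno = errno;
    return b;
}
/* Volatile stores so the compiler cannot drop the wipe as a dead write. */
static void secret_wipe(struct secret_buf *b) {
    volatile unsigned char *v = b->p;
    for (size_t i = 0; i < b->len; i++) v[i] = 0;
}
static int secret_all_zero(const struct secret_buf *b) {
    for (size_t i = 0; i < b->len; i++) if (b->p[i]) return 0;
    return 1;
}
static void secret_free(struct secret_buf *b) {
    if (!b->p) return;
    secret_wipe(b);                 /* wipe while the pages are still locked */
    if (b->locked) munlock(b->p, b->len);
    munmap(b->p, b->len);
    b->p = NULL; b->len = 0; b->locked = 0;
}

int main(void) {
    struct secret_buf b = secret_alloc(64);
    if (!b.p || !b.locked) return 1;  /* refuse to hold plaintext unlocked */
    memcpy(b.p, "constructed plaintext", 21);  /* constructed sample data */
    secret_wipe(&b);
    int ok = secret_all_zero(&b);
    secret_free(&b);
    return ok ? 0 : 1;
}
```

Locking covers only the pages in this buffer; copies of the plaintext in stack variables, stdio buffers or library internals are not protected by it.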