On 09/18/2012 01:58 AM, Greg Freemyer wrote:
All,
I was just thinking about file wiping tools in opensuse.
In general file wiping tools are used if you have an important file you want to wipe (overwrite) before deleting.
In the distro we have shred and wipe that do this, and in OBS we have srm and secure-delete (10 years old).
It is clearly an issue that people are concerned about, but none of them seem to even try to address:
- file remnants which maybe in the filesystem journal - backup copies of the files in snapshots (LVM, btrfs, ext4 snapshots) - wiping of unallocated space to overwrite earlier drafts which may have been deleted but are still in unallocated - SSDs and there potential for sector remapping during the write operation. - the swap partition can hold copies of data that is unencrypted in ram
I realize a none of the above are trivial, but it seems they should make some effort to at least warn the user of the issues.
Speaking for coreutils' shred, it already warns in the info page: The best way to remove something irretrievably is to destroy the media it's on with acid, melt it down, or the like. For cheap removable media like floppy disks, this is the preferred method. [...] If you are not sure how your file system operates, then you should assume that it does not overwrite data in place, which means that shred cannot reliably operate on regular files in your file system. Generally speaking, it is more reliable to shred a device than a file, [...] Finally, consider the risk of backups and mirrors. File system backups and remote mirrors may contain copies of the file that cannot be removed, and that will allow a shredded file to be recovered later. So if you keep any data you may later want to destroy using `shred', be sure that it is not backed up or mirrored. Plus there's a link to Peter Gutmann's page: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html Have a nice day, Berny -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org