Re: Ext 2/3 overwriting remnant data & use of data blocks - security

[Dragan Stanojevic - Nevidljivi <invisible@xxxxxxxxxxxxxxx>]

Hi there,

hell know wrote:

> BACKGROUND:
> Device under test uses temporary spool files.  When those files are no 
> longer needed, they are to be overwritten by the three-pass DOD 
> overwrite (pattern '35', 'ca', '97'), then deleted.  (Incase anyone out 
> there asks the obvious question, I am aware that Ext supports a "secure" 
> attribute but unfortunately that isn't enough for our purposes.  It HAS 
> to be a 3-pass overwrite... afterall that answer would be TOO EASY ;-).  
> Also, the file is written and overwritten sequentially- that may be 
> important to know when I get to the problem.


Well first of all, I don't think overwriting with known values is ok 
from security standpoint. Probably the better thing would be to 
overwrite it with random data.

That said, I guess you can write a shell script to use "shred" command 
instead of "rm" (if you are looking for a shell solution). Something like:

shred $1; shred $1; shred -u $1

If you are looking for your own solution, I guess looking how shred does 
it would be my first stop :)

bye,
N::

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature