"secure" file flag?

Wes Peters wes at softweyr.com
Sun Nov 23 00:19:13 PST 2003


On Saturday 22 November 2003 02:54 am, Stefan Eßer wrote:
> On 2003-11-22 11:04 +0100, Dag-Erling Smørgrav <des at des.no> wrote:
> > Stefan Eßer <se at FreeBSD.org> writes:
> > > I may be way off, but I do not think that a special thread or
> > > a cache flush after each block is required: [...]
> >
> > What happens if you yank the power cord?
>
> Worst case: The same thing that happened, if you lost power
> a fraction of a second earlier, just before the unlink or loss
> of last reference to the file ...
>
> Nothing short of a self-destruct mechanism will do any better ;-)

Poppycock.  Encrypting the data before it hits the disk is a fine 
protection against somebody later recovering the data, either 
inadvertently or nefariously.

> Back to the subject of this thread:
>
> You could write a special flag "needs to be securely removed" to
> the inode. That way, an interrupted overwrite process could be
> continued after next reboot (for example initiated by fsck).

But why would somebody trying to steal your data run fsck on it?  You're 
not thinking paranoid enough.

-- 

        Where am I, and what am I doing in this handbasket?

Wes Peters                                               wes at softweyr.com


