"sanitizing" disks: wiping swap, non-allocated space, and
file-tails
Jan Grant
Jan.Grant at bristol.ac.uk
Sat Jul 17 07:26:09 PDT 2004
On Sat, 17 Jul 2004, David Kreil wrote:
> I wonder, in particular, how "system" directories like /var would be
> kept on a gdbe partition.
Much like any other, but the major issue is that, unlike /tmp/ and swap
(which can be wiped clean when a machine boots with no ill effects),
other partitions need to persist. That means you need to do one of two
things:
1. Be available when the machine boots to enter the keys to mount the
persistent partitions; or
2. Store those keys somewhere so the machine can do it for you.
If you choose (2) then you might as well not use an encrypted partition;
secure use needs human intervention.
--
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/
If it's broken really badly - don't fix it either.
More information about the freebsd-questions
mailing list