[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

ext3 and secure deletion of files and file slack



Hi,

Can anyone please tell me if I am right in assuming that ext3
does not care about file slack?  Specifically I am thinking about
the use of the secure_delete utility which, includes "sfill" to
do secure overwriting of the unused diskspace on the harddisk.

I quote from the secure_delete README below for its modus
operandi (I appreciate that some of this will not apply to
sfill).

Thanks,

Geoff

---
HOW THESE PROGRAMS WORK

The deletion process goes like that :

1. The overwriting procedure, in the secure mode, does a 38 times
overwriting. After each pass, the diskcache is flushed.

2. truncate of the file, so that an attacker don't know which
diskblocks belonged to the file.

3. renaming of the file so that an attacker can't draw any
conclusion from the filename on the contents of the deleted file.

4. finally deleting the file (unlink).

Note that with v2.0 all secure_delete utilities work in
secure mode (38 special passes). To lower the security and make
it faster, you may add -l (one random pass, on 0xff pass) or -ll
(one 0xff pass) to the parameters. 
     
The secure overwrite mode works that way:

1x overwrite with 0xff
5x random passes
28x overwriting with special values to make the recovery from MFM
and RLL encoded harddisks hard/impossible - see Gutmann's paper
on that which is also included.
5x random passes 
__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]