diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2011-August/007241.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2011-August/007241.html | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2011-August/007241.html b/zarb-ml/mageia-dev/2011-August/007241.html new file mode 100644 index 000000000..5a323d083 --- /dev/null +++ b/zarb-ml/mageia-dev/2011-August/007241.html @@ -0,0 +1,154 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] RM replacement + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20RM%20replacement&In-Reply-To=%3C4E3BC276.8020600%40colin.guthr.ie%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="007238.html"> + <LINK REL="Next" HREF="007246.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] RM replacement</H1> + <B>Colin Guthrie</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20RM%20replacement&In-Reply-To=%3C4E3BC276.8020600%40colin.guthr.ie%3E" + TITLE="[Mageia-dev] RM replacement">mageia at colin.guthr.ie + </A><BR> + <I>Fri Aug 5 12:14:14 CEST 2011</I> + <P><UL> + <LI>Previous message: <A HREF="007238.html">[Mageia-dev] RM replacement +</A></li> + <LI>Next message: <A HREF="007246.html">[Mageia-dev] RM replacement +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7241">[ date ]</a> + <a href="thread.html#7241">[ thread ]</a> + <a href="subject.html#7241">[ subject ]</a> + <a href="author.html#7241">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>'Twas brillig, and Luis Daniel Lucio Quiroz at 05/08/11 02:16 did gyre +and gimble: +><i> Le Vendredi 05 Août 2011 02:03:22 nicolas vigier a écrit : +</I>>><i> On Fri, 05 Aug 2011, Colin Guthrie wrote: +</I>>>><i> 'Twas brillig, and Luis Daniel Lucio Quiroz at 04/08/11 21:26 did gyre +</I>>>><i> +</I>>>><i> and gimble: +</I>>>>><i> Helo, +</I>>>>><i> +</I>>>>><i> As my experience in security field, to make Mageia more available in +</I>>>>><i> enterprise environments, and specially those that are security +</I>>>>><i> paranoid, i'm planning to port SRM. SRM is a package that does a +</I>>>>><i> "secure" file deleting according some security standards (i dont +</I>>>>><i> remember right now names, i guess it is something in NIST, but that +</I>>>>><i> doesnt matter really). +</I>>>>><i> +</I>>>>><i> My question is, what should be the procedure that when you install +</I>>>>><i> srm, then the normal rm command could be replaced? i was thinking +</I>>>>><i> in pushing an alias but what other alternatives do i have? +</I>>>><i> +</I>>>><i> Well you could theoretically use alternatives, but I would suspect that +</I>>>><i> such a fundamental tool as rm would probably be very dangerous to +</I>>>><i> package in that way (the alternatives scripts themselves may use rm!) +</I>>>><i> +</I>>>><i> So I think an alias would be best, but it'll only cover users/scripts +</I>>>><i> calling rm and not general unlinking... It likely won't cover GUIs and +</I>>>><i> other deletion methods. With that in mind, is it work aliasing rm at all +</I>>>><i> seeing as it'll only catch a subset of "delete" operations? You wouldn't +</I>>>><i> want to give a false sense of security after all... +</I>>><i> +</I>>><i> Yes, this would be better done on filesystem/kernel. Like this : +</I>>><i> <A HREF="http://thread.gmane.org/gmane.comp.file-systems.ext4/26548">http://thread.gmane.org/gmane.comp.file-systems.ext4/26548</A> +</I>><i> +</I>><i> I got your poing, however i remember that SRM uses some specific algorithmis +</I>><i> that are recomended in NIST, thats why i remember we chose SRM and we void +</I>><i> zero filling techniques. +</I> +Even still, Nicolas's point remains that this system (even if it uses +special algorithms rather than just zero'ing) would be better +implemented somewhere lower rather than in a single userspace tool. + +I'm not saying the userspace tool is not useful in the event that the +underlying system does not have the capabilities, but using an alias or +otherwise making the standard rm command == srm, is IMO just a token +gesture and does not really address wider security concerns. + +IMO it would be better to just provide the tool and let people who +specifically want secure delete use it manually when needed. + +Otherwise users may be duped into a false sense of security by +installing the "secure deletes" package and then delete files thorough +Nautilus or Konq under the false impression they are securely deleted. + +That's just my thoughts on it tho'. :) + +Col + +-- + +Colin Guthrie +mageia(at)colin.guthr.ie +<A HREF="http://colin.guthr.ie/">http://colin.guthr.ie/</A> + +Day Job: + Tribalogic Limited [<A HREF="http://www.tribalogic.net/">http://www.tribalogic.net/</A>] +Open Source: + Mageia Contributor [<A HREF="http://www.mageia.org/">http://www.mageia.org/</A>] + PulseAudio Hacker [<A HREF="http://www.pulseaudio.org/">http://www.pulseaudio.org/</A>] + Trac Hacker [<A HREF="http://trac.edgewall.org/">http://trac.edgewall.org/</A>] +</PRE> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="007238.html">[Mageia-dev] RM replacement +</A></li> + <LI>Next message: <A HREF="007246.html">[Mageia-dev] RM replacement +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7241">[ date ]</a> + <a href="thread.html#7241">[ thread ]</a> + <a href="subject.html#7241">[ subject ]</a> + <a href="author.html#7241">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |