From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2011-August/007241.html | 154 +++++++++++++++++++++++++++++ 1 file changed, 154 insertions(+) create mode 100644 zarb-ml/mageia-dev/2011-August/007241.html (limited to 'zarb-ml/mageia-dev/2011-August/007241.html') diff --git a/zarb-ml/mageia-dev/2011-August/007241.html b/zarb-ml/mageia-dev/2011-August/007241.html new file mode 100644 index 000000000..5a323d083 --- /dev/null +++ b/zarb-ml/mageia-dev/2011-August/007241.html @@ -0,0 +1,154 @@ + + + + [Mageia-dev] RM replacement + + + + + + + + + +

[Mageia-dev] RM replacement

+ Colin Guthrie + mageia at colin.guthr.ie +
+ Fri Aug 5 12:14:14 CEST 2011 +

+
+ +
'Twas brillig, and Luis Daniel Lucio Quiroz at 05/08/11 02:16 did gyre
+and gimble:
+> Le Vendredi 05 Août 2011 02:03:22 nicolas vigier a écrit :
+>> On Fri, 05 Aug 2011, Colin Guthrie wrote:
+>>> 'Twas brillig, and Luis Daniel Lucio Quiroz at 04/08/11 21:26 did gyre
+>>>
+>>> and gimble:
+>>>> Helo,
+>>>>
+>>>> As my experience in security field, to make Mageia more available in
+>>>> enterprise environments, and specially those that are security
+>>>> paranoid, i'm planning to port SRM.  SRM is a package that does a
+>>>> "secure" file deleting according some security standards (i dont
+>>>> remember right now names, i guess it is something in NIST, but that
+>>>> doesnt matter really).
+>>>>
+>>>> My question is, what should be the procedure that when you install
+>>>> srm, then the normal rm command could be replaced?  i was thinking
+>>>> in pushing an alias but what other alternatives do i have?
+>>>
+>>> Well you could theoretically use alternatives, but I would suspect that
+>>> such a fundamental tool as rm would probably be very dangerous to
+>>> package in that way (the alternatives scripts themselves may use rm!)
+>>>
+>>> So I think an alias would be best, but it'll only cover users/scripts
+>>> calling rm and not general unlinking... It likely won't cover GUIs and
+>>> other deletion methods. With that in mind, is it work aliasing rm at all
+>>> seeing as it'll only catch a subset of "delete" operations? You wouldn't
+>>> want to give a false sense of security after all...
+>>
+>> Yes, this would be better done on filesystem/kernel. Like this :
+>> http://thread.gmane.org/gmane.comp.file-systems.ext4/26548
+> 
+> I got your poing,  however i remember that SRM uses some specific algorithmis 
+> that are recomended in NIST, thats why i remember we chose SRM and we void 
+> zero filling techniques.
+
+Even still, Nicolas's point remains that this system (even if it uses
+special algorithms rather than just zero'ing) would be better
+implemented somewhere lower rather than in a single userspace tool.
+
+I'm not saying the userspace tool is not useful in the event that the
+underlying system does not have the capabilities, but using an alias or
+otherwise making the standard rm command == srm, is IMO just a token
+gesture and does not really address wider security concerns.
+
+IMO it would be better to just provide the tool and let people who
+specifically want secure delete use it manually when needed.
+
+Otherwise users may be duped into a false sense of security by
+installing the "secure deletes" package and then delete files thorough
+Nautilus or Konq under the false impression they are securely deleted.
+
+That's just my thoughts on it tho'. :)
+
+Col
+
+-- 
+
+Colin Guthrie
+mageia(at)colin.guthr.ie
+http://colin.guthr.ie/
+
+Day Job:
+  Tribalogic Limited [http://www.tribalogic.net/]
+Open Source:
+  Mageia Contributor [http://www.mageia.org/]
+  PulseAudio Hacker [http://www.pulseaudio.org/]
+  Trac Hacker [http://trac.edgewall.org/]
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1