RE: Securly deleting files in a journaled file system

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MEdward Norton at <-
M 
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Ben Weatherall
Date:  
To: plug-discuss
Subject: RE: Securly deleting files in a journaled file system

On 3/6/06, Edward Norton <> wrote:
>
> On 3/6/06, Edward Norton <> wrote:
> >
> > On 3/6/06, Ben Weatherall <> wrote:
>>
> > > I have been lurking on the list since I left the Phoenix area for
Texas
> > > earlier this year. I now need answers from those I know and trust.
Help!
> > >
> > In the past, I have used both wipe and shred to remove files from a
disk
> > >
> > > so they cannot be recovered. I am now having to do this under both
Linux
> > > (SuSE SLES-9) and AIX (v5.2) where both use a journaled file
system. All
> > > of the documentation says these tools will fail under these
conditions.
> > > The final solution needs to handle ext3, Reiser and JFS.
> > >
> > > Does anyone have any suggestions?
> > > -Ben Weatherall
> >
> >
> > dban (dban.sf.net) is probably by far the best. However, of the
> > filesystems you listed, it only covers two: ext2/3, and reiserfs.
JFS is not
> > supported AFAIK. UFS, however, is.
>
> Ok, nevermind, I think I misread your email. shred should work just
fine.
> Just try something like `shred -n100 -z`. 

I looked up shred again, just to make sure I wasn't mistaken. From
http://www.gnu.org/software/fileutils/doc/manual/html/fileutils.html#shr
ed%20invocation it states, "Please note that shred relies on a very
important assumption: that the filesystem overwrites data in place. This
is the traditional way to do things, but many modern filesystem designs
do not satisfy this assumption. Exceptions include:
    * Log-structured or journaled filesystems, such as those supplied
with AIX and Solaris.
    * Filesystems that write redundant data and carry on even if some
writes fail, such as RAID-based filesystems.
    * Filesystems that make snapshots, such as Network Appliance's NFS
server.
    * Filesystems that cache in temporary locations, such as NFS version
3 clients.
    * Compressed filesystems.


Since ext3, Reiser, JFS, etc. are all journaled filesystems, shred will
only work at the partition level. For ext3 I could convert it to ext2,
shred the file(s), and then convert it back to ext3, but that is not
really a good idea on production systems.

I also looked at dban (thanks for pointing it out), but it only wipes
disks. I just need to wipe specific files. I did find dban's notes about
the "Gutmann method" (http://dban.sourceforge.net/faq/index.html) used
by both shred and wipe interesting.

Any other ideas?
-Ben Weatherall
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: hdw, may be somewhat OTRe: hdw, may be somewhat OT->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)