Re: Just got an interesting project...

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\George Toft at <-
MMAustin Godber at ->
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Mike Schwartz
Date:  
To: Main PLUG discussion list
CC: George Toft, Mike L Schwartz
Subject: Re: Just got an interesting project...
I am not available for this
(also not qualified)...
but I would just like to suggest
that no matter how scientifically you
"shred" some data,
when someone enters a command
to delete a certain message,
you might want to also, periodically
(like, maybe daily or weekly)
copy the "mailbox"
(messages that have NOT been
deleted / shredded)
to a physically different drive,
and then do some kind of very thorough
erasure (like, the low-level formatting
type of thing -- maybe even also use some
strong magnets nearby... etc.)
and over-writing of the data on the old
media.
(or - - -maybe even physically shred the
metal and disk drive media surfaces)
(if you can afford to buy new ones
every so often)
Just a suggestion, because it sounds like
it is really important for the "ghost images"
of erstwhile e-mail messages, to never
fall in to the wrong hands.
--
Mike Schwartz
Glendale AZ



On 10/5/06, George Toft <> wrote:
>
> Anyone up to the task of changing the source? This is a for-pay
> project, and if you can deliver, I can put it in the proposal.
>
> George Toft, CISSP, MSIS
> 623-203-1760
>
> "That which does not kill us makes us stronger."
>
>
>
> Eric "Shubes" wrote:
> > George Toft wrote:
> >
> >>Requirements:
> >>1. Deleted files (say, qmail messages after pickup) are shredded upon
> >>deletion. Immediately upon delete. Since an application is performing
> >>the delete, I must assume "rm" is not being issued, so I can't
> >>substitute "shred" in its place.
> >>
> >>2. Files owned by vpopmail:vchkpw can only be read by said user:group -
> >>this includes root. We need to lock root (and every other user) out of
> >>the messages.
> >>
> >>3. Encrypted file system to defend against physical theft.
> >>
> >>
> >>#3 is easy.
> >>
> >>#2 sounds like a job for SELinux. Alternatives are welcome :)
> >>
> >>What about #1? Any ideas?
> >>
> >
> > Change the source and rebuild? Should be fairly easy with qmail as it's
> > distributed as source. Other applications might not be as easy.
> >
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: Just got an interesting project...Re: Just got an interesting project...->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)