svn commit: r214596 - head/bin/rm
Tim Kientzle
tim at kientzle.com
Sun Oct 31 18:19:13 UTC 2010
On Oct 31, 2010, at 9:06 AM, Pawel Jakub Dawidek wrote:
> On Sun, Oct 31, 2010 at 09:21:28AM +0000, Ulrich Spoerlein wrote:
>> Author: uqs
>> Date: Sun Oct 31 09:21:27 2010
>> New Revision: 214596
>> URL: http://svn.freebsd.org/changeset/base/214596
>>
>> Log:
>> Elaborate some more on the non-security implications of using -P
> [...]
>> +.Pp
>> +N.B.: The
>> +.Fl P
>> +flag is not considered a security feature
>> +.Pq see Sx BUGS .
>
> I'm sorry for jumping so late into the subject, but if it is not a
> security feature than what other purpose has left?
>
> Really guys, this option is useless.
I completely agree.
> There is no reliable way to verify if the blocks are really overwritten.
> Period.
Not from userspace, no. I think the only reasonable approach
is to add a new syscall (unlink_with_overwrite(2)?) and chase the
implications down through the filesystem, GEOM, and driver
interfaces.
Tim
More information about the svn-src-all
mailing list