| [ CnUnix ] in KIDS 글 쓴 이(By): guest (guest) <211.110.17.144> 날 짜 (Date): 2002년 10월 28일 월요일 오전 11시 35분 42초 제 목(Title): Re: [q] unix 에서 rm 명령 안전한지? http://www-106.ibm.com/developerworks/security/library/s-data.html?dwzone=security#h9 Erasing the disk You may need to store sensitive data on the hard disk without protecting it. Perhaps your application needs to view a sensitive document that is much too big to fit into memory all at once. Encryption might be an option for protecting the document in some environments, but others might have performance considerations that forbid it. The best solution is to try to protect the file while it is in use, and delete it as quickly as possible. But when we delete the file, does it really go away? Usually, "deleting" a file means simply removing a file system entry that points to a file. The file will still exist somewhere, at least until it gets overwritten. Unfortunately, the file will also exist even after it gets overwritten. Disk technology is such that even files that have been overwritten can be recovered, given the right equipment and know-how. Some people claim that if you want to securely delete a file, you should overwrite it seven times. The first time, overwrite it with all ones, second with all zeroes. Then, overwrite it with an alternating pattern of ones and zeros. Finally, overwrite the file four times with random data, such as that generated from /dev/urandom or a similar source. Unfortunately, this technique probably isn't sufficient. It is widely believed that the United States government has disk recovery technology that can thwart such a scheme. If you are really concerned about this, then we recommend implementing Peter Gutmann's 35-pass scheme as a bare minimum (see Resources). Of course, anyone who gives you a maximum number of times to write over data is misleading you. No one knows how many times will be sufficient. If you want to take no chances at all, then you need to ensure that the bits of interest are never written to disk with encryption, decrypting them directly into locked memory. There is no other alternative. @ FreeBSD ports에 obliterate 라는게 있더군요. |