On Thu, Jul 27, 2006 at 05:14:28PM +0200, Robert Lemmen wrote: > On Thu, Jul 27, 2006 at 10:06:32AM -0400, Justin Pryzby wrote: > > I'll note that if chattr +s was implemented for ext[23], a local > > diversion of /bin/rm would be sufficient. > > i don't quite understand this. the way i understand the attribute, it > advises the kernel that the file should be deleted ina secure way, which > means it (the kernel) would have to implement something like > secure-delete and run it if it unlinks a file with that attribute, > right? but the kernel does not implement that, and if it would, the same > problem would lie there. the cleanest way would probably to pass that > data down to the actual filesystem, which knows how to securely wipe a > file from all it's journaled blocks and so on. is that what you meant? If it could be reasonably assumed that chattr +s would work (if it were implemented for the kernel/filesystem in use), then one could dpkg-divert --rename /bin/rm and create a new wrapper /bin/rm:
#! /bin/sh set -e chattr +s -- "$@" exec rm.local "$@" Justin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
