2008/1/19, bofh <[EMAIL PROTECTED]>: > On Jan 18, 2008 4:28 PM, Ted Unangst <[EMAIL PROTECTED]> wrote: > > > On 1/18/08, Sunnz <[EMAIL PROTECTED]> wrote: > > > From what I understand, if foo isn't the last hard link to the file, > > > and `rm foo` will NOT delete the file... > > > > what does it matter if somebody keeps a link to it? if you have idiot > > users who insist on using broken software, you have bigger problems. > > what if they download the old version and compile it themselves? > > > I think he means sshd. And it really doesn't matter, once you make install, > you'll overwrite the vulnerable copy with the new one, and all the hardlinks > won't matter, because they'd be linked to the new file. >
Nice, that's interesting to know. > If you're worried about someone writing a program that'll walk the entire > drive and find all the sectors that were in use, and attempt to string them > together - think about it for a while, is this truly a problem for you? If > it is, either hire someone (or convince someone) to write a program to wipe > this out for you, or choose another OS where such a program exist. > Nope. It is not so about worrying... really, I am more curious about if such thing script/program exist or not, or what the security implication are all about - after reading all those delete free space threads.