Le 20/11/17 15:10, James Carlson via openindiana-discuss a écrit :
On 11/20/17 04:51, Marc Lobelle wrote:
Hum, this means that bcrypt will not erase the original file after
encrypying it either and the file must be decrypted to be used. How can
I make sure that its contents cannot be recovered on zfs then ? (apart
from writing the zfs encryption code that is missing in illumos zfs ; it
will have to be done eventually but I'm looking for an interim solution).
This doesn't work on ZFS, and just doesn't work in general even without
ZFS. It's not uncommon that hardware itself remaps sectors, potentially
leaving sensitive data in place and inaccessible to software that just
goes through the file system layer, but relatively easily recoverable by
an attacker.
The better answer, assuming physical security is insufficient, is to
avoid writing sensitive information in the first place: encrypt the data
before writing or configure the file system itself to encrypt.
Yes, this is what I do on solaris where the encrypt option of zfs is
implemented, but it is not yet available on openindiana, unfortunately.
Marc
A quick google search on "zfs secure delete" will turn up all sorts of
discussions about this.
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
https://openindiana.org/mailman/listinfo/openindiana-discuss
