> > > Or isn't possible that it is still on the disk temporarily? If a > process still has the file open, even if you remove it doesn't it keep > the data around until all the inode references are freed? That would > mean that killing the last of the processes found using lsof, for > instance, should finally remove the file. Or am I still living in the > last century? > > ~~R > > while this is true, it does not particularly impact the specific scenario laid out by the original poster. in the context of "not keeping data around" due to privacy or confidentiality concerns, the data can be considered "deleted" just by removing the reference to it in the file system (rm). If we were discussing issues related to disk space usage or another applicable topic, this detail would become a factor.
If the data were extraordinarily sensitive, or if there was a serious threat of compromise, we could be more aggressive about wiping the data away. Even after the last process to hold an open file handle on a file closes that handle, the data is still on the disk until that spot on the disk has new data written to it by some future process. -wes _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
