#1 2008-07-11 22:55:39

saciel
Member
From: Germany
Registered: 2006-07-30
Posts: 153

question about security issues regarding 'cp' and 'mv'

Ok, I wondered about how 'cp' and 'mv' are really working. I have some guesses but I need these things to be confirmed.

Here is what I have:
A partition with a unix file system, say ext2 or 3 (does this make a difference here?) containing *very* sensitive data. The filesystem is encrypted (whirlpool/serpent) but that shouldn't matter. As I do not want corpses of dead files lying around that could be recovered, I always use 'shred -zu' with 26 passes to overwrite and then delete the data.

And that's where I have my concerns:
If I want to rename a file or move it to another folder on the same partition, is it safe to 'mv' it? Or should I 'cp' it and then 'shred' the original file? I assume that 'mv' will not touch the actual file and just tell the file system of its new name or place in the folder structure. Given that, shredding a 'mv'ed file should not leave a trace of it on the drive (except for the old filename before the 'mv' maybe, but that wouldn't be too critical). I assume that, because it's the only thing that would make sense to me, but have to know it for sure!

However, on moving the file to another drive I should probably 'cp' it, then 'shred' the original file. The question I have here is as follows:
How much information which could be recovered leaves 'cp'ing in my RAM? Will I have to find a way to somehow shred the information in the RAM or can I assume that my RAM gets rewritten often enough, that most traces will be gone, say, in a couple of days?

If you have links at hand to confirm your answer, please post them, too.


They say if you reverse play a Windows CD you can hear satanic verses... But wanna know what's even worse? If you forward play it, it's gonna install Windows on your system!
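
The rename-versus-copy distinction asked about in post #1, as an added example that is not part of the original thread: on one filesystem `mv` is a rename that keeps the inode, while across filesystems it copies and then unlinks the source without overwriting it. The function names and sample file are constructed; the script assumes GNU coreutils (`stat -c`, `shred`) and that no bind mounts split a single filesystem.

```shell
#!/bin/sh
# Added example; function names and the sample file are constructed.
# Assumes GNU coreutils (stat -c, shred).

# Inode number of a path (POSIX ls -i).
inode_of() { ls -di -- "$1" | awk '{print $1}'; }

# Device id of the filesystem that holds a directory.
dev_of() { stat -c %d -- "$1"; }

# What `mv SRC DESTDIR` will do. rename(2) only rewrites directory entries,
# so compare the source's directory with the destination directory.
# Same device: in-place rename, data blocks untouched.
# Different device: mv copies, then unlinks the source without overwriting it.
mv_kind() {
    if [ "$(dev_of "$(dirname -- "$1")")" = "$(dev_of "$2")" ]; then
        echo rename
    else
        echo copy+unlink
    fi
}

# Move SRC into DESTDIR without leaving an un-overwritten original behind.
secure_move() {
    src=$1; destdir=$2
    if [ "$(mv_kind "$src" "$destdir")" = rename ]; then
        mv -- "$src" "$destdir/"
    else
        # Overwrite the original only after the copy has been verified.
        cp -p -- "$src" "$destdir/" &&
            cmp -s -- "$src" "$destdir/$(basename -- "$src")" &&
            shred -zu -- "$src"
    fi
}

# Constructed demo: a same-filesystem move keeps the inode, so a later
# `shred` on the new path acts on the same file data as before the move.
demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/a" "$work/b"
    echo 'constructed sample data' > "$work/a/secret.txt"
    before=$(inode_of "$work/a/secret.txt")
    secure_move "$work/a/secret.txt" "$work/b"
    after=$(inode_of "$work/b/secret.txt")
    rm -rf "$work"
    if [ "$before" = "$after" ]; then echo same-inode; else echo new-inode; fi
}

demo
```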


#2 2008-07-12 09:36:48

dyscoria
Member
Registered: 2008-01-10
Posts: 1,007

Re: question about security issues regarding 'cp' and 'mv'

Dunno bout the other stuff, but to flush RAM cache you can do this:

echo 1 > /proc/sys/vm/drop_caches

Boy, you really are security conscious!


flack 2.0.6: menu-driven BASH script to easily tag FLAC files (AUR)
knock-once 1.2: BASH script to easily create/send one-time sequences for knockd (forum/AUR)


#3 2008-07-15 22:59:20

saciel
Member
From: Germany
Registered: 2006-07-30
Posts: 153

Re: question about security issues regarding 'cp' and 'mv'

Okay, thanks for that, I will have a closer look at flushing the RAM.

Sure, I care about security and privacy, but -- as you might expect -- the data I have are not really THAT sensitive/confidential/whatsoever. I've just gotten into it somehow and now I'm just curious/interested in improving it for its own sake more or less.



#4 2008-07-16 03:34:40

Daenyth
Forum Fellow
From: Boston, MA
Registered: 2008-02-24
Posts: 1,244

Re: question about security issues regarding 'cp' and 'mv'

No harm in that. Plus security experience always looks nice on a resume.
