-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 2 Aug 2012 07:05:36 -0700
wes <p...@the-wes.com> wrote:

>>>
>>> Or isn't it possible that it is still on the disk temporarily?

<snip>

> while this is true, it does not particularly impact the specific
> scenario laid out by the original poster.

<snip>

> If the data were extraordinarily sensitive, or if there was a
> serious threat of compromise, we could be more aggressive about
> wiping the data away. Even after the last process to hold an open
> file handle on a file closes that handle, the data is still on the
> disk until that spot on the disk has new data written to it by some
> future process.

True, once you've deleted the target file, you can make certain it's
no longer recoverable by using scrub or another disk wiping package.
I use scrub v2.2 occasionally on my /home partition to obliterate all
deleted files with a one-line script called scrubit, as follows:

    #!/bin/sh
    scrub -XS /home/scratch && rm -rf /home/scratch && exit 0

It writes random data over all free space on my /home partition, in
two passes I think, then one pass of binary zeros followed by a verify
pass.

You can also set up /tmp as a ramdisk in /etc/fstab using the line:

    none /tmp tmpfs defaults 0 0

That will rebuild /tmp in memory at every reboot, for those who
reboot.

And if you're leery of Adobe Flash Player, you can clear that out,
too:

    cd ~
    rm -rf ./.adobe/Flash_Player/AssetCache/*
    rm -rf ./.macromedia/Flash_Player/#SharedObjects/*

HTH,

Robert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlAaztoACgkQ+qYMIUkNJCyZJACgr4ggNULWmpQwdJwZU/14a+Oa
DLsAn3dCqJ7YgXHswmMeBxa0sCEvJk06
=71Ok
-----END PGP SIGNATURE-----
_______________________________________________
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug
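
One way to check the effect of the /etc/fstab line in the message above, as an added example that is not part of Robert's message: it reports which filesystem backs a path and lists the temporary directories that still live on disk. The function names (fs_type_for, disk_backed_tmp_dirs, sample_mounts) and the sample mounts table are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Input is a mounts table in /proc/mounts format:
#   device mountpoint fstype options dump pass
# Mount points containing spaces (written as \040 there) are not decoded.

# fs_type_for PATH [MOUNTS_FILE]: print the filesystem type backing PATH.
fs_type_for() {
    CHECK_PATH=$1 awk '
        BEGIN { p = ENVIRON["CHECK_PATH"] }
        {
            mp = $2
            # Match "/", the path itself, or a parent directory of it
            # (the added slash keeps /tmpfoo from matching /tmp).
            if (mp == "/" || mp == p || index(p, mp "/") == 1) {
                # Longest mount point wins; on a tie the later line wins,
                # because a later mount shadows an earlier one.
                if (length(mp) >= best) { best = length(mp); fs = $3 }
            }
        }
        END { if (fs == "") exit 1; print fs }
    ' "${2:-/proc/mounts}"
}

# disk_backed_tmp_dirs [MOUNTS_FILE]: list temp dirs not held in memory.
disk_backed_tmp_dirs() {
    for d in /tmp /var/tmp /dev/shm; do
        fs=$(fs_type_for "$d" "${1:-/proc/mounts}") || continue
        case $fs in
            tmpfs|ramfs) ;;
            *) printf '%s %s\n' "$d" "$fs" ;;
        esac
    done
}

# Constructed sample table (hypothetical host): /tmp on tmpfs as in the
# fstab line from the message, /var/tmp left on the ext4 root filesystem.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
none /tmp tmpfs rw 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda2 /home ext4 rw,relatime 0 0
EOF
}

demo=$(mktemp) && sample_mounts > "$demo"
disk_backed_tmp_dirs "$demo"
fs_type_for /home/scratch "$demo"
rm -f "$demo"
```

Called without a file argument, both functions read the live /proc/mounts. tmpfs pages can be written out to swap, so a tmpfs result keeps temporary files off the disk only when swap is disabled or encrypted.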