On Oct 31, 2010, at 9:06 AM, Pawel Jakub Dawidek wrote: > On Sun, Oct 31, 2010 at 09:21:28AM +0000, Ulrich Spoerlein wrote: >> Author: uqs >> Date: Sun Oct 31 09:21:27 2010 >> New Revision: 214596 >> URL: http://svn.freebsd.org/changeset/base/214596 >> >> Log: >> Elaborate some more on the non-security implications of using -P > [...] >> +.Pp >> +N.B.: The >> +.Fl P >> +flag is not considered a security feature >> +.Pq see Sx BUGS . > > I'm sorry for jumping so late into the subject, but if it is not a > security feature than what other purpose has left? > > Really guys, this option is useless.
I completely agree. > There is no reliable way to verify if the blocks are really overwritten. > Period. Not from userspace, no. I think the only reasonable approach is to add a new syscall (unlink_with_overwrite(2)?) and chase the implications down through the filesystem, GEOM, and driver interfaces. Tim _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
