On 14.01.2013 03:11, Adam Carter wrote:
> shred and dd available, but not srm etc
>
> I want to remove the user account info before the device is returned,
> but don't want to cripple the device. Filesystem is ext3 with default
> mount options, which implies it's mounted with the default data=ordered,
> and according to the docs "In both the data=ordered (default) and
> data=writeback modes, shred works as usual"
>
> Would these steps be effective?
> - set root pw back to installation default
> - manually create copies of passwd and shadow (named passwd2 shadow2,
> NOT by copying files then deleting extra lines) containing only the
> default installation entries
> - shred /etc/passwd /etc/shadow

Don't forget the backup files created by some tools. For example
"/etc/passwd-"

> - mv passwd2 and shadow2 to passwd and shadow
> - dd if=/dev/zero of=/blah (to blank all spare blocks on fs, dd will
> bail out once full. Will it miss info from non-fully allocated blocks?)

Don't forget to do this as root to get the last 5%.

If you want to be sure, you can try several overwrite cycles, for
example with binary ones. The easiest way I know to generate such a
sequence is `tr '\000' '\377' < /dev/zero | dd of=...`. Or you can just
allocate /blah and then `shred` it.

> - rm /blah

If you have swap, you should clear that, too.

Regards,
Florian Philipp
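
The free-space overwrite discussed in this thread, as an added shell example that is not part of the original messages: a zero pass followed by a ones pass, each checked before the fill file is removed. The function names, the fill-file name and the optional size cap (for trying it on a small scale) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Function names, the fill-file name and
# the MAX_MIB cap are assumptions made for illustration.
LC_ALL=C; export LC_ALL   # make tr work on raw bytes, not locale characters

# fill_pass FILE OCTAL [MAX_MIB]
# Write bytes of value \OCTAL to FILE until the filesystem is full, or stop
# after MAX_MIB MiB when a cap is given.
fill_pass() {
    fp_file=$1 fp_octal=$2 fp_max=${3:-}
    if [ -n "$fp_max" ]; then
        tr '\000' "\\$fp_octal" < /dev/zero 2>/dev/null |
            head -c "$((fp_max * 1048576))" > "$fp_file"
    else
        # dd ends with "No space left on device"; that is the expected stop.
        tr '\000' "\\$fp_octal" < /dev/zero 2>/dev/null |
            dd of="$fp_file" bs=1048576 2>/dev/null || true
    fi
    sync   # flush the data to the device before the file is removed
}

# stray_bytes FILE OCTAL
# Print how many bytes in FILE differ from \OCTAL (0 = pattern everywhere).
stray_bytes() {
    tr -d "\\$2" < "$1" | wc -c | tr -d ' '
}

# wipe_free DIR [MAX_MIB]
# Zero pass, then ones pass, on the filesystem that holds DIR.
# Returns non-zero if a pass left bytes that do not match its pattern.
wipe_free() {
    wf_file=$1/.fill.$$
    for wf_octal in 000 377; do
        fill_pass "$wf_file" "$wf_octal" "${2:-}"
        wf_bad=$(stray_bytes "$wf_file" "$wf_octal")
        rm -f "$wf_file"
        [ "$wf_bad" -eq 0 ] || return 1
    done
}

# Usage, as root so the reserved blocks are filled as well:
#   . ./wipe_free.sh && wipe_free /
```

Without the cap the filesystem is completely full for the duration of each pass, so other processes writing to it will see errors until the fill file is removed.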