从ext3 linux安全地删除文件 [英] Securely remove file from ext3 linux
问题描述
是否有工具或C / C ++ unix函数可以调用检索文件的磁盘上的位置?不是文件的一些虚拟地址,而是文件驻留的磁盘/扇区/块?
这里的目标是覆盖磁盘上存在的实际位。我可能需要一种方法来绕过内核的地址叠加。我愿意考虑一个基于x86 asm的解决方案...
但是,我觉得有一些工具可以很好地完成这项工作。
感谢您的任何意见。 只有在非常特殊的情况下才有可能: 在操作系统和实际存储介质之间没有不可控制的间接层。 / p> 在不能再假设的现代系统上。固件损耗平衡代码的SSD驱动器不能这样工作;他们可以随意移动或复制数据,无需日志记录或外部控制的可能性。即使磁盘驱动器也会经常将现有数据保留在发生故障后重新映射的扇区中。混合驱动器同时支持... ATA规范支持 SECURE ERASE 命令会擦除整个驱动器,但是我不知道现有的实现有多彻底。
我相信 ext2fs
确实有这个功能。我也认为在默认日志模式下, ext3fs
和 ext4fs
也是这样工作的, code> data = journal 选项允许文件数据存储在日志中,而不仅仅是元数据。
另一方面 reiserfs
的工作原理是不同的,因为除了 notail
如果满足这两个条件,那么程序如 linux.die.net/man/1/shredrel =nofollow> 这个方法还是没有考虑到: 备份 虚拟化存储 ... 您不能再假定安全删除是可能的。最好假设这是不可能的,并使用加密;如果您正在处理敏感数据,您应该也可以使用它。 This question has been asked with varying degrees of success in the past... Are there tools, or C/C++ unix functions to call that would enable me to retrieve the location on disk of a file? Not some virtual address of the file, but the disk/sector/block the file resides in? The goal here is to enable overwriting of the actual bits that exist on disk. I would probably need a way to bypass the kernel's superimposition of addresses. I am willing to consider an x86 asm based solution... However, I feel there are tools that do this quite well already. Thanks for any input on this. Removing files securely is only possible under very specific circumstances: There are no uncontrolled layers of indirection between the OS and the actual storage medium. On modern systems that can no longer be assumed. SSD drives with firmware wear-leveling code do not work like this; they may move or copy data at will with no logging or possibility of outside control. Even magnetic disk drives will routinely leave existing data in sectors that have been remapped after a failure. Hybrid drives do both... The ATA specification does support a SECURE ERASE command which erases a whole drive, but I do not know how thorough the existing implementations are. The filesystem driver has a stable and unique mapping of files to physical blocks at all times. I believe that On the other hand If these two conditions are met, then a program such as This method still does not take into account: Backups Virtualized storage Left over data in the swap space ... Bottom line: You can no longer assume that secure deletion is possible. Better assume that it is impossible and use encryption; you should probably be using it anyway if you are handling sensitive data. There is a reason that protocols regarding sensitive data mandate the physical destruction of the storage medium. There are companies that actually demagnetize their hard disk drives and then shred them before incinerating the remains... 这篇关于从ext3 linux安全地删除文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋! shred
可以 能够安全地移除
$ b $博ttom行:
ext2fs
does have this feature. I also think that ext3fs
and ext4fs
also work like this in the default journaling mode, but not when mounted with the data=journal
option which allows for file data to be stored in the journal, rather than just metadata.reiserfs
definitely works differently, since it stores small amounts of data along with the metadata, unless mounted with the notail
option.shred
may be able to securely remove the content of a file by overwriting its content multiple times.