Re: tool in /bin
Justin Pryzby <firstname.lastname@example.org> writes:
> On Tue, Jul 25, 2006 at 11:20:34AM +0200, Robert Lemmen wrote:
>> hi folks,
>> i have a bug report (#377687) which asks for a secure deletion tool to
>> be installed in /bin instead of /usr/bin so you can use it in
>> maintenance mode. makes sense in a way, and is possible when you look at
>> the library dependencies. but should it be done? i didn't find anything
>> in the policy on what to put in /bin, and the FHS doesn't really help.
>> so what do you think? should such a tool live in /bin?
> /[s]bin and /lib should be the minimal set of tools needed to boot the
> system, before /usr is mounted, or needed to restore the system if
> /usr is corrupted (eg. by [re]installing packages). The submitter
> wants to be able to have the bootscripts use a "shred"-like
> alternative to /bin/rm to inhibit undeletion of datafiles. I wonder
> what files are removed during boot that benefit (presumably from a
> security POV) from this?
And what tool does implement shredding in a way that destroy data with
a journaling filesystem that doesn't reuse its data blocks, i.e. if
you overwrite the file with random data different blocks are used.