Bugtraq mailing list archives
Re: Shred 1.0 Bug Report
From: "M. Leo Cooper" <thegrendel () THERIVER COM>
Date: Tue, 10 Oct 2000 23:43:11 -0700
On Tue, 10 Oct 2000, Jeff Harlan wrote:
Ran a test with Shred v1.0 and found some unexpected results. This utility is supposed to overwrite a file with several passes of different bit patterns followed by one random pattern. The file is then unlinked. This is supposed to make the file unrecoverable with utilities which read raw disk blocks. Using the icat utility from Dan Farmer and Wietze Venema's TCT Toolkit it appears that the data is not overwritten. This test was done on two different RedHat 6.0 systems.
It has been a couple of years since I actively worked on "shred". In response to your e-mail, Jeff, when I tested the program, it no longer worked as specified. In fact, when compiled on a glibc 2.1 machine, "shred" coredumps. It appears that this package is a victim of the changes made to libc. I therefore advise discontinuation of the use of the "shred" package. I have no plans to bugfix or update it, since Tom Vier's "wipe" package accomplishes the same job, and in a more thorough fashion. Jeff, I do have to question whether it was appropriate to notify Bugtraq, since "shred" was never, to my knowledge, a part of any Linux distribution. Thanks for the notification. Mendel
Current thread:
- Shred 1.0 Bug Report Jeff Harlan (Oct 10)
- Re: Shred 1.0 Bug Report Guenther H. Leber (Oct 10)
- Re: Shred 1.0 Bug Report Frank Wiles (Oct 11)
- Re: Shred 1.0 Bug Report M. Leo Cooper (Oct 11)
- Re: Shred 1.0 Bug Report Wietse Venema (Oct 11)
- Re: Shred 1.0 Bug Report Alfred Perlstein (Oct 12)
- Re: Shred 1.0 Bug Report Mitchell Blank Jr (Oct 13)
- Re: File "shredding" Kurt Seifried (Oct 13)
- Re: Shred 1.0 Bug Report Wietse Venema (Oct 11)
- Re: Shred 1.0 Bug Report M. Leo Cooper (Oct 11)
- Re: Shred 1.0 Bug Report Dan Kaminsky (Oct 12)
- Re: Shred 1.0 Bug Report Guenther H. Leber (Oct 10)