Bugtraq mailing list archives
(forw) Re: Shred 1.0 Bug Report
From: Alfred Perlstein <bright () WINTELCOM NET>
Date: Thu, 12 Oct 2000 11:21:55 -0700
I'm sending this one last time because I feel that allowing people to comment about "fixing" shred when in reality it's a piece of worthless software. The only "fix" would be kernel support to do so, as outlined in the email I sent. Wietse agrees with me about the points raised here. He also raised the obvious point of such information being leaked through swap and recoverable from memory while the system is still running. Shred needs kernel support to work properly and it's giving people a false sense of security.

I would also be hesitant to run software that the author failed to fix properly even though detailed instructions as to how to fix it were provided; he obviously failed to roll his own the first time, and doing so again wasn't very successful. Using shred to wipe files is about as practical as ignoring friction in a physics equation: it looks right, but it's horribly off.

You can continue to ignore and not relay my rants about useless and dangerous software on this list. It is a bit disappointing that it's the Linux community that suffers from ignorance of these problems and a refusal to come down hard on the authors of junk/dangerous software. My concern is that such programs will be ported to other systems and may soon wind up on one of my workstations or servers.

People complaining about the stupid thing not checking return values from syscalls are trying to use a band-aid to fix a severed head. I don't see the point of discussing this program any further on this list; the focus afaik of Bugtraq is security and I don't see shred offering much of it.
-Alfred

----- Forwarded message from Alfred Perlstein <bright () wintelcom net> -----

From: Alfred Perlstein <bright () wintelcom net>
To: Wietse Venema <wietse () PORCUPINE ORG>
Cc: BUGTRAQ () SECURITYFOCUS COM
Subject: Re: Shred 1.0 Bug Report
Date: Wed, 11 Oct 2000 16:20:08 -0700
Message-ID: <20001011162008.U272 () fw wintelcom net>
User-Agent: Mutt/1.2.4i

* Wietse Venema <wietse () PORCUPINE ORG> [001011 14:48] wrote:
> M. Leo Cooper:
> > It has been a couple of years since I actively worked on "shred". In response to your e-mail, Jeff, when I tested the program, it no longer worked as specified. In fact, when compiled on a glibc 2.1 machine, "shred" coredumps. It appears that this package is a victim of the changes made to libc.
>
> The shredding problem is not in libc. The problem is that shred(1) should have called fsync() after each overwrite iteration, in order to request that data be flushed from the kernel buffers to the disk blocks.
Programs like shred are particularly bad; they offer a false sense of security, and this instance shows a complete lack of understanding of how most UNIX filesystems are implemented. Shred won't work reliably on:

a) data logging filesystems
b) transactional filesystems
c) filesystems that perform online defrag (FreeBSD-FFS+reallocblks)
d) filesystems that offer snapshot capabilities.
e) (well i'm sure there's more)

Programs like this offer a false sense of security. The proper way to do it is to implement some sort of 'scrub(2)' syscall that informs the filesystem code to accomplish the task; otherwise you risk missing the data on the disk. There is no way for something like this to work entirely from userland on an advanced filesystem without its assistance.
> > I therefore advise discontinuation of the use of the "shred" package. I have no plans to bugfix or update it, since Tom Vier's "wipe" package accomplishes the same job, and in a more thorough fashion. Jeff, I do have to question whether it was appropriate to notify Bugtraq, since "shred" was never, to my knowledge, a part of any Linux distribution.
>
> shred(1) installs with redhat 6.2, out of the box. Beware, software never dies. Once you release it things are out of your control.
shred should die. Anyone relying on it deserves their bits stolen and posted on usenet.

much love,
--
-Alfred Perlstein - [bright () wintelcom net|alfred () freebsd org]
"I have the heart of a child; I keep it in a jar on my desk."

----- End forwarded message -----
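The two concrete userland points in the thread, Wietse's missing fsync() after each overwrite pass and the unchecked syscall return values Alfred dismisses, look like this when done properly. This is an illustrative program written for this page, not the source of shred or of Tom Vier's wipe; the function names (overwrite_in_place, file_is_filled_with), the two-pass 0xFF/0x00 pattern set and the /tmp demo path are assumptions made here. It demonstrates only what a userland wiper can do: it still rewrites only the blocks the file currently maps, so on the logging, transactional, defragmenting or snapshotting filesystems Alfred lists the old data can survive elsewhere on disk, which is the thread's real point.

```c
/* Illustrative code added for this page, not shred's or wipe's own source.
 * It does the two things the thread says shred(1) got wrong: fsync() after
 * every overwrite pass and check every syscall result. Even so it rewrites
 * only the blocks the file maps right now; on journaling, transactional or
 * snapshotting filesystems the old data can survive elsewhere on disk. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Close fd on an error path without clobbering errno; always returns -1. */
static int fail_close(int fd) { int e = errno; close(fd); errno = e; return -1; }

/* Write the whole buffer, retrying on short writes and EINTR. */
static int write_all(int fd, const unsigned char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = write(fd, buf, len);
        if (n < 0 && errno == EINTR)
            continue;
        if (n < 0)
            return -1;          /* a failed write() is never ignored */
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* One pass: fill the file's current extent with `pattern`, then fsync()
 * so the kernel is asked to push this pass to disk before the next one. */
static int overwrite_pass(int fd, off_t size, unsigned char pattern)
{
    unsigned char buf[4096];
    off_t done = 0;

    memset(buf, pattern, sizeof buf);
    if (lseek(fd, 0, SEEK_SET) < 0)
        return -1;
    while (done < size) {
        off_t left = size - done;
        size_t chunk = left < (off_t)sizeof buf ? (size_t)left : sizeof buf;
        if (write_all(fd, buf, chunk) < 0)
            return -1;
        done += (off_t)chunk;
    }
    return fsync(fd);           /* the call the original shred omitted */
}

/* Overwrite `path` in place with each pattern in turn: 0 on success, -1
 * with errno set on the first failure. O_NOFOLLOW refuses symlinks, so a
 * planted link cannot aim the wipe at another file; S_ISREG refuses devices
 * and FIFOs. */
int overwrite_in_place(const char *path, const unsigned char *patterns,
                       size_t npatterns)
{
    struct stat st;
    size_t i;
    int fd = open(path, O_WRONLY | O_NOFOLLOW);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) < 0)
        return fail_close(fd);
    if (!S_ISREG(st.st_mode))
        return errno = EINVAL, fail_close(fd);
    for (i = 0; i < npatterns; i++)
        if (overwrite_pass(fd, st.st_size, patterns[i]) < 0)
            return fail_close(fd);
    return close(fd);           /* close() can fail too; report it */
}

/* Does every byte of `path` equal `value`? 1 yes, 0 no, -1 on error. */
int file_is_filled_with(const char *path, unsigned char value)
{
    unsigned char buf[4096];
    ssize_t n, k;
    int fd = open(path, O_RDONLY);

    if (fd < 0)
        return -1;
    while ((n = read(fd, buf, sizeof buf)) > 0)
        for (k = 0; k < n; k++)
            if (buf[k] != value)
                return close(fd), 0;
    return n < 0 ? fail_close(fd) : close(fd) < 0 ? -1 : 1;
}

int main(void)
{
    /* Constructed sample: a temp file (assumed /tmp path) holding a fake secret. */
    char path[] = "/tmp/wipe-demo-XXXXXX";
    const unsigned char patterns[] = { 0xFF, 0x00 };
    int fd = mkstemp(path);

    if (fd < 0 || write(fd, "constructed secret", 18) != 18 || close(fd) < 0)
        return perror("setup"), 1;
    if (overwrite_in_place(path, patterns, 2) < 0)
        return perror("overwrite_in_place"), 1;
    printf("all zero after passes: %s\n",
           file_is_filled_with(path, 0x00) == 1 ? "yes" : "no");
    return unlink(path) < 0;
}
```

Note what the fsync() buys and what it does not: it asks the kernel to push each pass out of the buffer cache before the next pass overwrites it, so the passes are not collapsed into one in memory, but it says nothing about where the filesystem places those writes. A journaling or copy-on-write filesystem may write the new pattern to fresh blocks and leave the original ones, and any snapshot keeps them by design; that is why the thread argues the job needs filesystem or kernel assistance rather than a userland tool.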
Current thread:
- (forw) Re: Shred 1.0 Bug Report Alfred Perlstein (Oct 13)