Networker

Re: [Networker] Backing up deleted files security question?

2003-10-15 11:59:40
Subject: Re: [Networker] Backing up deleted files security question?
From: Howard Martin <howard.martin AT EDS DOT COM>
To: NETWORKER AT LISTMAIL.TEMPLE DOT EDU
Date: Wed, 15 Oct 2003 11:58:38 -0400
In theory there should not be an issue, filesystem backups will only backup
files pointed to in a directory and deleted files are not pointed to.
However in my previous job there was a version of word (if I recall - if
not then some other microsoft app) that cleverly grabbed a bunch of disk
blocks and then filled them ( this was not noticable in word ) but other
applications that looked at these files would see the new data AND the old
data on the portion not overwritten, this was easily visible on the solaris
sytem running samba where these files were saved!
Presumably it would be possible to duplicate this in a pure solaris system
(but I can't think why anyone would).


On Wed, 15 Oct 2003 11:07:43 -0400, George Sinclair
<George.Sinclair AT NOAA DOT GOV> wrote:

>I have a security question here. Let's suppose I create a file on a unix
>system, and then I delete it, and let's further suppose that I have some
>utility that can write zeros to the formerly occupied blocks to prevent
>anyone from potentially reading the data previously associated with said
>file. If NetWorker backs up the parent file system after the file has
>been deleted, but before the blocks have been overwritten (cleaned), is
>there any possibility that the data blocks that still contain the data
>could be backed up in some way? We're running NetWorker 6.1.1 under
>Solaris 2.8 server with Storagenode running same version under Linux. We
>have some PCs that access data on Samba shares from unix hosts where
>this could be a concern.
>
>I'm thinking that NetWorker is backing up files only and not by block so
>it should not be a problem, but thought I'd check. I mean, recovery is
>by file so anyone who recovered everything under the file system should
>never see the affected data, right?
>
>BTW, anyone know of any free software to wipe disk blocks or properly
>erase a file for PCs or unix?
>
>Thanks.
>
>George
>
>--
>Note: To sign off this list, send a "signoff networker" command via email
>to listserv AT listmail.temple DOT edu or visit the list's Web site at
>http://listmail.temple.edu/archives/networker.html where you can
>also view and post messages to the list.
>=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=

--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listmail.temple DOT edu or visit the list's Web site at
http://listmail.temple.edu/archives/networker.html where you can
also view and post messages to the list.
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=

<Prev in Thread] Current Thread [Next in Thread>