Securely wiping a file on a tmpfs

Posted by Nanzikambe on Super User See other posts from Super User or by Nanzikambe
Published on 2013-10-31T19:31:56Z Indexed on 2013/11/01 10:01 UTC
Read the original article Hit count: 431

Filed under:
|
|
|
|

I have a script that decrypts some data to a tmpfs, the directory is secure (permissions), the machine's swap is encrypted (random key on boot) and when the script is done it does a 35 pass wipe (Peter Gutmann) of the cleartext on the tmpfs .

I do this because I'm aware wiping files on a journaling file system is insecure, data may be recovered.

For discussion, here're the relevant bits extracted:

# make the tmpfs
mkdir /mnt/tmpfs
chmod 0700 /mnt/tmpfs
mount -t tmpfs -o size=1M tmpfs /mnt/tmpfs
cd /mnt/tmpfs

# decrypt the data
gpg -o - <crypted_input_file> | \
    tar -xjpf -

# do processing stuff

# wipe contents
find . -type f -exec bcwipe -I {} ';'

# nuke the tmpfs
cd ..
umount -f /mnt/tmpfs
rm -fR /mnt/tmpfs

So, my question, assuming for the moment that nobody is able to read the cleartext in the tmpfs while it exists (I use umask to set cleartext to 0600), is there any way any trace of the cleartext could remain either in memory or on disk after the snippet above completes?

© Super User or respective owner

Related posts about linux

Related posts about security