Securely wiping a file on a tmpfs
- by Nanzikambe
I have a script that decrypts some data to a tmpfs, the directory is secure (permissions), the machine's swap is encrypted (random key on boot) and when the script is done it does a 35 pass wipe (Peter Gutmann) of the cleartext on the tmpfs .
I do this because I'm aware wiping files on a journaling file system is insecure, data may be recovered.
For discussion, here're the relevant bits extracted:
# make the tmpfs
mkdir /mnt/tmpfs
chmod 0700 /mnt/tmpfs
mount -t tmpfs -o size=1M tmpfs /mnt/tmpfs
cd /mnt/tmpfs
# decrypt the data
gpg -o - <crypted_input_file> | \
tar -xjpf -
# do processing stuff
# wipe contents
find . -type f -exec bcwipe -I {} ';'
# nuke the tmpfs
cd ..
umount -f /mnt/tmpfs
rm -fR /mnt/tmpfs
So, my question, assuming for the moment that nobody is able to read the cleartext in the tmpfs while it exists (I use umask to set cleartext to 0600), is there any way any trace of the cleartext could remain either in memory or on disk after the snippet above completes?