Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for December 5, 2013
Deadline scheduling: coming soon?
LWN.net Weekly Edition for November 27, 2013
ACPI for ARM?
LWN.net Weekly Edition for November 21, 2013
My understanding was that the `undeletable' attribute led ext to try to make the file easier to undelete: the opposite effect.
It's a rather bad name for an attribute, really :/
Secure deletion and trash bin support
Posted Dec 7, 2006 10:36 UTC (Thu) by nix (subscriber, #2304)
Posted Dec 7, 2006 14:24 UTC (Thu) by Robin.Hill (subscriber, #4385)
The initial step in this proposal is the same for both attributes - the file is moved to a trash directory. The user process will then check these files and, for those with the secure deletion flag set, erase them. Those with the undeletable attribute set will just be left in the trash directory (presumably trying to set both attributes will produce an error somewhere!).
Posted Dec 8, 2006 0:54 UTC (Fri) by nix (subscriber, #2304)
The trash directory thing has all sorts of horrible potential problems,
though, particularly when group- or world-writable directories are
concerned. (World-writable isn't common outside of /tmp, but
group-writable is common.)
I can see half a dozen ways to DoS the system with this alone, especially
if users can set attributes on the trash directory such that users can ask
to move files in there but then don't have privileges to delete them from
Posted Dec 8, 2006 15:48 UTC (Fri) by niallm (guest, #3923)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds