summaryrefslogtreecommitdiff
path: root/system/secure-delete/secure-delete_3.1-6.diff
diff options
context:
space:
mode:
Diffstat (limited to 'system/secure-delete/secure-delete_3.1-6.diff')
-rw-r--r--system/secure-delete/secure-delete_3.1-6.diff478
1 files changed, 478 insertions, 0 deletions
diff --git a/system/secure-delete/secure-delete_3.1-6.diff b/system/secure-delete/secure-delete_3.1-6.diff
new file mode 100644
index 0000000000..288092f59a
--- /dev/null
+++ b/system/secure-delete/secure-delete_3.1-6.diff
@@ -0,0 +1,478 @@
+--- secure-delete-3.1.orig/srm.1
++++ secure-delete-3.1/srm.1
+@@ -55,7 +55,7 @@
+ .TP
+ .B \-d
+ ignore the two special dot files . and .. on the commandline. (so you can
+-execute it like "srm -d .* *")
++execute it like "srm \-d .* *")
+ .TP
+ .B \-f
+ fast (and insecure mode): no /dev/urandom, no synchronize mode.
+@@ -65,7 +65,7 @@
+ and a final mode random values.
+ .TP
+ .B \-l
+--l for a second time lessons the security even more: only one random pass
++\-l for a second time lessons the security even more: only one random pass
+ is written.
+ .TP
+ .B \-r
+@@ -95,7 +95,7 @@
+ which comes with the
+ .I secure_deletion package
+ to ensure to wipe also the free diskspace. However, If already a small
+-file aquired a block with your precious data, no tool known to me can help
++file acquired a block with your precious data, no tool known to me can help
+ you here. For a secure deletion of the swap space
+ .I sswap
+ is available.
+@@ -136,5 +136,5 @@
+ (1),
+ .I sswap
+ (1),
+-.I smem
++.I sdmem
+ (1)
+--- secure-delete-3.1.orig/sfill.1
++++ secure-delete-3.1/sfill.1
+@@ -16,7 +16,7 @@
+ is designed to delete data which lies on available diskspace on mediums
+ in a secure manner which can not be recovered by thiefs, law enforcement
+ or other threats.
+-The wipe algorythm is based on the paper "Secure Deletion of Data from
++The wipe algorithm is based on the paper "Secure Deletion of Data from
+ Magnetic and Solid-State Memory" presented at the 6th Usenix Security
+ Symposium by Peter Gutmann, one of the leading civilian cryptographers.
+ .PP
+@@ -59,7 +59,7 @@
+ and a final mode with random values.
+ .TP
+ .B \-l
+--l for a second time lessons the security even more: only one random pass
++\-l for a second time lessons the security even more: only one random pass
+ is written.
+ .TP
+ .B \-v
+@@ -130,5 +130,5 @@
+ (1),
+ .I sswap
+ (1),
+-.I smem
++.I sdmem
+ (1)
+--- secure-delete-3.1.orig/Makefile
++++ secure-delete-3.1/Makefile
+@@ -1,19 +1,19 @@
+ CC=gcc
+-OPT=-O2 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
++OPT=$(CFLAGS) -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+ #OPT=-Wall -D_DEBUG_ -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+-INSTALL_DIR=/usr/local/bin
++INSTALL_DIR=$(prefix)/bin
+ MAN_DIR=/usr/local/man
+ DOC_DIR=/usr/share/doc/secure_delete
+ OPT_MOD=-D__KERNEL__ -DMODULE -fomit-frame-pointer -fno-strict-aliasing -pipe -mpreferred-stack-boundary=2
+ #LD_MOD=-r
+
+-all: sdel-lib.o srm sfill sswap smem sdel-mod.o
+- @echo
+- @echo "A Puritan is someone who is deathly afraid that someone, somewhere, is"
+- @echo "having fun."
+- @echo
+- @echo "I hope YOU have fun!"
+- @echo
++all: sdel-lib.o srm sfill sswap smem
++# @echo
++# @echo "A Puritan is someone who is deathly afraid that someone, somewhere, is"
++# @echo "having fun."
++# @echo
++# @echo "I hope YOU have fun!"
++# @echo
+
+ sdel-mod.o: sdel-mod.c
+ $(CC) $(OPT) $(OPT_MOD) $(LD_MOD) -I/lib/modules/`uname -r`/build/include -c sdel-mod.c
+@@ -23,32 +23,28 @@
+
+ srm: srm.c
+ $(CC) ${OPT} -o srm srm.c sdel-lib.o
+- -strip srm
+ sfill: sfill.c
+ $(CC) ${OPT} -o sfill sfill.c sdel-lib.o
+- -strip sfill
+ sswap: sswap.c
+ $(CC) ${OPT} -o sswap sswap.c sdel-lib.o
+- -strip sswap
+ smem: smem.c
+ $(CC) ${OPT} -o smem smem.c sdel-lib.o
+- -strip smem
+
+ clean:
+ rm -f sfill srm sswap smem sdel sdel-lib.o sdel-mod.o core *~
+
+ install: all
+ mkdir -p -m 755 ${INSTALL_DIR} 2> /dev/null
+- rm -f sdel && ln -s srm sdel
+- cp -f sdel srm sfill sswap smem the_cleaner.sh ${INSTALL_DIR}
+- chmod 711 ${INSTALL_DIR}/srm ${INSTALL_DIR}/sfill ${INSTALL_DIR}/sswap ${INSTALL_DIR}/smem ${INSTALL_DIR}/the_cleaner.sh
+- mkdir -p -m 755 ${MAN_DIR}/man1 2> /dev/null
+- cp -f srm.1 sfill.1 sswap.1 smem.1 ${MAN_DIR}/man1
+- chmod 644 ${MAN_DIR}/man1/srm.1 ${MAN_DIR}/man1/sfill.1 ${MAN_DIR}/man1/sswap.1 ${MAN_DIR}/man1/smem.1
+- mkdir -p -m 755 ${DOC_DIR} 2> /dev/null
+- cp -f CHANGES FILES README secure_delete.doc usenix6-gutmann.doc ${DOC_DIR}
+- -test -e sdel-mod.o && cp -f sdel-mod.o /lib/modules/`uname -r`/kernel/drivers/char
++# rm -f sdel && ln -s srm sdel
++ cp -f srm sfill sswap smem ${INSTALL_DIR}
++ chmod 711 ${INSTALL_DIR}/srm ${INSTALL_DIR}/sfill ${INSTALL_DIR}/sswap ${INSTALL_DIR}/smem
++# mkdir -p -m 755 ${MAN_DIR}/man1 2> /dev/null
++# cp -f srm.1 sfill.1 sswap.1 smem.1 ${MAN_DIR}/man1
++# chmod 644 ${MAN_DIR}/man1/srm.1 ${MAN_DIR}/man1/sfill.1 ${MAN_DIR}/man1/sswap.1 ${MAN_DIR}/man1/smem.1
++# mkdir -p -m 755 ${DOC_DIR} 2> /dev/null
++# cp -f CHANGES FILES README secure_delete.doc usenix6-gutmann.doc ${DOC_DIR}
++# -test -e sdel-mod.o && cp -f sdel-mod.o /lib/modules/`uname -r`/kernel/drivers/char
+ # @-test '!' -e sdel-mod.o -a `uname -s` = 'Linux' && echo "type \"make sdel-mod install\" to compile and install the Linux loadable kernel module for secure delete"
+- @echo
+- @echo "If men could get pregnant, abortion would be a sacrament."
+- @echo
++# @echo
++# @echo "If men could get pregnant, abortion would be a sacrament."
++# @echo
+--- secure-delete-3.1.orig/srm.c
++++ secure-delete-3.1/srm.c
+@@ -110,7 +110,7 @@
+ if ( (filestat.st_dev != controlstat.st_dev) || (filestat.st_ino != controlstat.st_ino) ) {
+ fprintf(stderr, "Race found! (directory %s became a link)\n", filename);
+ } else {
+- if ((dir = opendir (".")) != NULL) {
++ if ((dir = opendir (".")) < 0) {
+ (void) chmod(".", 0700); /* ignore permission errors */
+ dir = opendir (".");
+ }
+@@ -166,8 +166,10 @@
+ return 3;
+ }
+
+- if (sdel_overwrite(mode, fd, 0, bufsize, filestat.st_size > 0 ? filestat.st_size : 1, zero) == 0)
++ if (sdel_overwrite(mode, fd, 0, bufsize, filestat.st_size > 0 ? filestat.st_size : 1, zero) == 0) {
++ close(fd);
+ return sdel_unlink(filename, 0, 1, slow);
++ }
+ } /* end IS_REG() */
+ else {
+ if (S_ISDIR(filestat.st_mode)) {
+--- secure-delete-3.1.orig/smem.1
++++ secure-delete-3.1/smem.1
+@@ -3,16 +3,16 @@
+ .if n .sp
+ .if t .sp 0.4
+ ..
+-.TH SMEM 1
++.TH SDMEM 1
+
+ .SH NAME
+-smem \- secure memory wiper (secure_deletion toolkit)
++sdmem \- secure memory wiper (secure_deletion toolkit)
+
+ .SH SYNOPSIS
+-.B smem [-f] [-l] [-l] [-v]
++.B sdmem [-f] [-l] [-l] [-v]
+
+ .SH DESCRIPTION
+-.I smem
++.I sdmem
+ is designed to delete data which may lie still in your memory (RAM)
+ in a secure manner which can not be recovered by thiefs, law enforcement
+ or other threats.
+@@ -24,7 +24,7 @@
+ .PP
+ The
+ .I secure data deletion
+-process of smem goes like this:
++process of sdmem goes like this:
+ .PP
+ .TP
+ .B *
+@@ -51,20 +51,26 @@
+ and a final random one.
+ .TP
+ .B \-l
+--l for a second time lessons the security even more: only one pass with
++\-l for a second time lessons the security even more: only one pass with
+ 0x00 is written.
+ .TP
+ .B \-v
+ verbose mode
+ .PP
+
++.SH NOTE
++.TP
++This utility was originally called
++.I smem
++but was renamed for debian to avoid name clashes with another package.
++
+ .SH BEWARE
+ .TP
+ .B SLOW
+-Wiping the memory is very slow. You might use smem with the -ll option. (tip)
++Wiping the memory is very slow. You might use sdmem with the \-ll option. (tip)
+ .TP
+ .B BETA!
+-.I smem
++.I sdmem
+ is still beta.
+
+ .PP
+@@ -84,7 +90,7 @@
+ can be obtained from
+ .I http://www.thc.org
+ .Sp
+-.I smem
++.I sdmem
+ and the
+ .I secure_deletion package
+ is (C) 1997-2003 by van Hauser / THC (vh@thc.org)
+--- secure-delete-3.1.orig/sswap.1
++++ secure-delete-3.1/sswap.1
+@@ -49,7 +49,7 @@
+ a final mode with random values.
+ .TP
+ .B \-l
+--l for a second time lessons the security even more: only one pass with
++\-l for a second time lessons the security even more: only one pass with
+ random values is written.
+ .TP
+ .B \-v
+@@ -106,5 +106,5 @@
+ (1),
+ .I sfill
+ (1),
+-.I smem
++.I sdmem
+ (1)
+--- secure-delete-3.1.orig/debian/docs
++++ secure-delete-3.1/debian/docs
+@@ -0,0 +1,4 @@
++README
++TODO
++secure_delete.doc
++usenix6-gutmann.doc
+--- secure-delete-3.1.orig/debian/control
++++ secure-delete-3.1/debian/control
+@@ -0,0 +1,13 @@
++Source: secure-delete
++Section: utils
++Priority: optional
++Maintainer: Robert Lemmen <robertle@semistable.com>
++Build-Depends: debhelper (>= 7.0.0)
++Standards-Version: 3.9.4
++
++Package: secure-delete
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Description: tools to wipe files, free disk space, swap and memory
++ Gutmann method based tools for securely wiping data from files, free
++ disk space, swap and memory: srm, sfill, sswap and sdmem.
+--- secure-delete-3.1.orig/debian/compat
++++ secure-delete-3.1/debian/compat
+@@ -0,0 +1 @@
++7
+--- secure-delete-3.1.orig/debian/changelog
++++ secure-delete-3.1/debian/changelog
+@@ -0,0 +1,46 @@
++secure-delete (3.1-6) unstable; urgency=low
++
++ * Enable hardening flags during build
++ * Update packaging
++ * Bump standards-version
++ * Fix a few minus-vs-hyphen bugs in manpages
++ * Fixed a few typos (closes: #486018, #653260)
++ * Tone down description a little bit and include binary names
++ (closes: #680336, #538151)
++
++ -- Robert Lemmen <robertle@semistable.com> Fri, 05 Jul 2013 08:50:37 +0100
++
++secure-delete (3.1-5) unstable; urgency=low
++
++ * Rename smem to sdmem to avoid name clash with smem package
++ * Bumped Standards-Version to 3.8.3 and related fixes
++
++ -- Robert Lemmen <robertle@semistable.com> Tue, 05 Jan 2010 14:55:00 +0000
++
++secure-delete (3.1-4) unstable; urgency=low
++
++ * Fixed licensing info (closes: #428102)
++ * Fixed handling of nostrip build option (closes: #438009)
++
++ -- Robert Lemmen <robertle@semistable.com> Tue, 28 Aug 2007 13:21:17 +0200
++
++secure-delete (3.1-3) unstable; urgency=low
++
++ * Moved from experimental
++ * Added more documentation
++
++ -- Robert Lemmen <robertle@semistable.com> Thu, 5 Oct 2006 22:04:17 +0200
++
++secure-delete (3.1-2) experimental; urgency=low
++
++ * Upload to experimental instead of unstable.
++ * Added description on how to test security to README.Debian.
++
++ -- Robert Lemmen <robertle@semistable.com> Mon, 2 May 2005 11:55:11 +0200
++
++secure-delete (3.1-1) unstable; urgency=low
++
++ * Initial Release.
++
++ -- Robert Lemmen <robertle@semistable.com> Thu, 29 Jan 2004 18:09:26 +0100
++
+--- secure-delete-3.1.orig/debian/copyright
++++ secure-delete-3.1/debian/copyright
+@@ -0,0 +1,17 @@
++This package was debianized by Robert Lemmen <robertle@semistable.com> on
++Thu, 29 Jan 2004 18:09:26 +0100.
++
++It was downloaded from http://www.thc.org
++
++Upstream Author: van Hauser <vh@thc.org>
++
++Copyright: 1999-2004 van Hauser
++
++ You are free to distribute this software under the terms of
++ the GNU General Public License.
++ On Debian systems, the complete text of the GNU General Public
++ License can be found in /usr/share/common-licenses/GPL file.
++
++The file "usenix6-gutmann.doc" is licensed under the "Creative Commons
++Attribution 3.0" license, which you can find at
++http://creativecommons.org/licenses/by/3.0/
+--- secure-delete-3.1.orig/debian/watch
++++ secure-delete-3.1/debian/watch
+@@ -0,0 +1,3 @@
++version=2
++http://www.thc.org/releases.php .*secure[-_]delete-(.*)\.tar\.gz
++
+--- secure-delete-3.1.orig/debian/README.Debian
++++ secure-delete-3.1/debian/README.Debian
+@@ -0,0 +1,56 @@
++secure-delete for Debian
++------------------------
++
++The original package and debian versions prio to 3.1-5 contained a utility
++called smem that wiped memory. This utility seems to be of limited use and
++clashes with another binary of the same name, it is therefore renamed to sdmem.
++
++The source for secure_delete contains a 2.4 kernel module that turns every
++call to unlink() into a secure remove, this module is not yet part of this
++package for technical reasons. if you need it please "apt_get source
++secure-delete" and build it yourself for now.
++
++Also note that securely wiping data from magnetic media is a difficult task and
++depends a lot on the filesystem in question (among other things). So there is no
++guarantee that this program will work in your configuration, but you can and
++should check for yourself by creating a loopback filesystem, mountig it and
++creating a file in it, then securely wiping it and grepping for it's contents in
++the loopback file:
++
++dd if=/dev/zero of=disk bs=4096 count=1024
++mke2fs disk
++losetup /dev/loop0 disk
++mkdir test
++mount /dev/loop0 test
++cd test
++for ((i=0; i<10000; i++))
++do
++ echo "ofenrohr" >> file;
++done
++cd ..
++umount test
++losetup -d /dev/loop0
++grep "ofenrohr" disk
++--> this should result in a "binary file disk matches"
++losetup /dev/loop0 disk
++mount /dev/loop0 test
++cd test
++srm file
++cd ..
++umount test
++losetup -d /dev/loop0
++grep "ofenrohr" disk
++--> this should not find anything
++
++Please make sure you use the correct filesystem type and options during the
++mkfs!
++
++Another general problem of wiping data from disks is that most harddisks will
++occasionally mark a sector as "bad" and copy it's contents to a new location
++that the disk will pretend is at the original location. Since this is completely
++transparent, there is no way to access these sectors without touching the disks
++hardware. These sectors may then contain sensitive information that could be
++retrieved from the disk. If you want better security, use an encrypting
++filesystem (dm-crypt, loop-aes), and forget the key if you want to wipe it.
++
++ -- Robert Lemmen <robertle@semistable.com>, Thu, 29 Jan 2004 18:09:26 +0100
+--- secure-delete-3.1.orig/debian/rules
++++ secure-delete-3.1/debian/rules
+@@ -0,0 +1,59 @@
++#!/usr/bin/make -f
++
++# Uncomment this to turn on verbose mode.
++#export DH_VERBOSE=1
++
++CPPFLAGS:=$(shell dpkg-buildflags --get CPPFLAGS)
++CFLAGS:=$(shell dpkg-buildflags --get CFLAGS)
++CXXFLAGS:=$(shell dpkg-buildflags --get CXXFLAGS)
++LDFLAGS:=$(shell dpkg-buildflags --get LDFLAGS)
++
++build: build-arch build-indep
++build-arch: build-stamp
++build-indep: build-stamp
++
++build-stamp:
++ dh_testdir
++ CFLAGS="$(CFLAGS) $(CPPFLAGS) $(LDFLAGS)" $(MAKE)
++ touch build-stamp
++
++clean:
++ dh_testdir
++ dh_testroot
++ rm -f build-stamp
++ $(MAKE) clean
++ dh_clean
++
++install: build
++ dh_testdir
++ dh_testroot
++ dh_prep
++ dh_installdirs
++ $(MAKE) install prefix=$(CURDIR)/debian/secure-delete/usr
++
++
++binary-indep: build install
++
++binary-arch: build install
++ dh_testdir
++ dh_testroot
++ dh_installchangelogs CHANGES
++ dh_installdocs README TODO
++ dh_installman sfill.1 srm.1 smem.1 sswap.1
++ # rename smem
++ mv $(CURDIR)/debian/secure-delete/usr/bin/smem \
++ $(CURDIR)/debian/secure-delete/usr/bin/sdmem
++ mv $(CURDIR)/debian/secure-delete/usr/share/man/man1/smem.1 \
++ $(CURDIR)/debian/secure-delete/usr/share/man/man1/sdmem.1
++ dh_link
++ dh_strip
++ dh_compress
++ dh_fixperms
++ dh_installdeb
++ dh_shlibdeps
++ dh_gencontrol
++ dh_md5sums
++ dh_builddeb
++
++binary: binary-indep binary-arch
++.PHONY: build clean binary-indep binary-arch binary install
+--- secure-delete-3.1.orig/debian/source/format
++++ secure-delete-3.1/debian/source/format
+@@ -0,0 +1 @@
++1.0
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-25 08:50:35 +0000