--- secure-delete-3.1.orig/srm.1
+++ secure-delete-3.1/srm.1
@@ -55,7 +55,7 @@
.TP
.B \-d
ignore the two special dot files . and .. on the commandline. (so you can
-execute it like "srm -d .* *")
+execute it like "srm \-d .* *")
.TP
.B \-f
fast (and insecure mode): no /dev/urandom, no synchronize mode.
@@ -65,7 +65,7 @@
and a final mode random values.
.TP
.B \-l
--l for a second time lessons the security even more: only one random pass
+\-l for a second time lessons the security even more: only one random pass
is written.
.TP
.B \-r
@@ -95,7 +95,7 @@
which comes with the
.I secure_deletion package
to ensure to wipe also the free diskspace. However, If already a small
-file aquired a block with your precious data, no tool known to me can help
+file acquired a block with your precious data, no tool known to me can help
you here. For a secure deletion of the swap space
.I sswap
is available.
@@ -136,5 +136,5 @@
(1),
.I sswap
(1),
-.I smem
+.I sdmem
(1)
--- secure-delete-3.1.orig/sfill.1
+++ secure-delete-3.1/sfill.1
@@ -16,7 +16,7 @@
is designed to delete data which lies on available diskspace on mediums
in a secure manner which can not be recovered by thiefs, law enforcement
or other threats.
-The wipe algorythm is based on the paper "Secure Deletion of Data from
+The wipe algorithm is based on the paper "Secure Deletion of Data from
Magnetic and Solid-State Memory" presented at the 6th Usenix Security
Symposium by Peter Gutmann, one of the leading civilian cryptographers.
.PP
@@ -59,7 +59,7 @@
and a final mode with random values.
.TP
.B \-l
--l for a second time lessons the security even more: only one random pass
+\-l for a second time lessons the security even more: only one random pass
is written.
.TP
.B \-v
@@ -130,5 +130,5 @@
(1),
.I sswap
(1),
-.I smem
+.I sdmem
(1)
--- secure-delete-3.1.orig/Makefile
+++ secure-delete-3.1/Makefile
@@ -1,19 +1,19 @@
CC=gcc
-OPT=-O2 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+OPT=$(CFLAGS) -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
#OPT=-Wall -D_DEBUG_ -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
-INSTALL_DIR=/usr/local/bin
+INSTALL_DIR=$(prefix)/bin
MAN_DIR=/usr/local/man
DOC_DIR=/usr/share/doc/secure_delete
OPT_MOD=-D__KERNEL__ -DMODULE -fomit-frame-pointer -fno-strict-aliasing -pipe -mpreferred-stack-boundary=2
#LD_MOD=-r
-all: sdel-lib.o srm sfill sswap smem sdel-mod.o
- @echo
- @echo "A Puritan is someone who is deathly afraid that someone, somewhere, is"
- @echo "having fun."
- @echo
- @echo "I hope YOU have fun!"
- @echo
+all: sdel-lib.o srm sfill sswap smem
+# @echo
+# @echo "A Puritan is someone who is deathly afraid that someone, somewhere, is"
+# @echo "having fun."
+# @echo
+# @echo "I hope YOU have fun!"
+# @echo
sdel-mod.o: sdel-mod.c
$(CC) $(OPT) $(OPT_MOD) $(LD_MOD) -I/lib/modules/`uname -r`/build/include -c sdel-mod.c
@@ -23,32 +23,28 @@
srm: srm.c
$(CC) ${OPT} -o srm srm.c sdel-lib.o
- -strip srm
sfill: sfill.c
$(CC) ${OPT} -o sfill sfill.c sdel-lib.o
- -strip sfill
sswap: sswap.c
$(CC) ${OPT} -o sswap sswap.c sdel-lib.o
- -strip sswap
smem: smem.c
$(CC) ${OPT} -o smem smem.c sdel-lib.o
- -strip smem
clean:
rm -f sfill srm sswap smem sdel sdel-lib.o sdel-mod.o core *~
install: all
mkdir -p -m 755 ${INSTALL_DIR} 2> /dev/null
- rm -f sdel && ln -s srm sdel
- cp -f sdel srm sfill sswap smem the_cleaner.sh ${INSTALL_DIR}
- chmod 711 ${INSTALL_DIR}/srm ${INSTALL_DIR}/sfill ${INSTALL_DIR}/sswap ${INSTALL_DIR}/smem ${INSTALL_DIR}/the_cleaner.sh
- mkdir -p -m 755 ${MAN_DIR}/man1 2> /dev/null
- cp -f srm.1 sfill.1 sswap.1 smem.1 ${MAN_DIR}/man1
- chmod 644 ${MAN_DIR}/man1/srm.1 ${MAN_DIR}/man1/sfill.1 ${MAN_DIR}/man1/sswap.1 ${MAN_DIR}/man1/smem.1
- mkdir -p -m 755 ${DOC_DIR} 2> /dev/null
- cp -f CHANGES FILES README secure_delete.doc usenix6-gutmann.doc ${DOC_DIR}
- -test -e sdel-mod.o && cp -f sdel-mod.o /lib/modules/`uname -r`/kernel/drivers/char
+# rm -f sdel && ln -s srm sdel
+ cp -f srm sfill sswap smem ${INSTALL_DIR}
+ chmod 711 ${INSTALL_DIR}/srm ${INSTALL_DIR}/sfill ${INSTALL_DIR}/sswap ${INSTALL_DIR}/smem
+# mkdir -p -m 755 ${MAN_DIR}/man1 2> /dev/null
+# cp -f srm.1 sfill.1 sswap.1 smem.1 ${MAN_DIR}/man1
+# chmod 644 ${MAN_DIR}/man1/srm.1 ${MAN_DIR}/man1/sfill.1 ${MAN_DIR}/man1/sswap.1 ${MAN_DIR}/man1/smem.1
+# mkdir -p -m 755 ${DOC_DIR} 2> /dev/null
+# cp -f CHANGES FILES README secure_delete.doc usenix6-gutmann.doc ${DOC_DIR}
+# -test -e sdel-mod.o && cp -f sdel-mod.o /lib/modules/`uname -r`/kernel/drivers/char
# @-test '!' -e sdel-mod.o -a `uname -s` = 'Linux' && echo "type \"make sdel-mod install\" to compile and install the Linux loadable kernel module for secure delete"
- @echo
- @echo "If men could get pregnant, abortion would be a sacrament."
- @echo
+# @echo
+# @echo "If men could get pregnant, abortion would be a sacrament."
+# @echo
--- secure-delete-3.1.orig/srm.c
+++ secure-delete-3.1/srm.c
@@ -110,7 +110,7 @@
if ( (filestat.st_dev != controlstat.st_dev) || (filestat.st_ino != controlstat.st_ino) ) {
fprintf(stderr, "Race found! (directory %s became a link)\n", filename);
} else {
- if ((dir = opendir (".")) != NULL) {
+ if ((dir = opendir (".")) < 0) {
(void) chmod(".", 0700); /* ignore permission errors */
dir = opendir (".");
}
@@ -166,8 +166,10 @@
return 3;
}
- if (sdel_overwrite(mode, fd, 0, bufsize, filestat.st_size > 0 ? filestat.st_size : 1, zero) == 0)
+ if (sdel_overwrite(mode, fd, 0, bufsize, filestat.st_size > 0 ? filestat.st_size : 1, zero) == 0) {
+ close(fd);
return sdel_unlink(filename, 0, 1, slow);
+ }
} /* end IS_REG() */
else {
if (S_ISDIR(filestat.st_mode)) {
--- secure-delete-3.1.orig/smem.1
+++ secure-delete-3.1/smem.1
@@ -3,16 +3,16 @@
.if n .sp
.if t .sp 0.4
..
-.TH SMEM 1
+.TH SDMEM 1
.SH NAME
-smem \- secure memory wiper (secure_deletion toolkit)
+sdmem \- secure memory wiper (secure_deletion toolkit)
.SH SYNOPSIS
-.B smem [-f] [-l] [-l] [-v]
+.B sdmem [-f] [-l] [-l] [-v]
.SH DESCRIPTION
-.I smem
+.I sdmem
is designed to delete data which may lie still in your memory (RAM)
in a secure manner which can not be recovered by thiefs, law enforcement
or other threats.
@@ -24,7 +24,7 @@
.PP
The
.I secure data deletion
-process of smem goes like this:
+process of sdmem goes like this:
.PP
.TP
.B *
@@ -51,20 +51,26 @@
and a final random one.
.TP
.B \-l
--l for a second time lessons the security even more: only one pass with
+\-l for a second time lessons the security even more: only one pass with
0x00 is written.
.TP
.B \-v
verbose mode
.PP
+.SH NOTE
+.TP
+This utility was originally called
+.I smem
+but was renamed for debian to avoid name clashes with another package.
+
.SH BEWARE
.TP
.B SLOW
-Wiping the memory is very slow. You might use smem with the -ll option. (tip)
+Wiping the memory is very slow. You might use sdmem with the \-ll option. (tip)
.TP
.B BETA!
-.I smem
+.I sdmem
is still beta.
.PP
@@ -84,7 +90,7 @@
can be obtained from
.I http://www.thc.org
.Sp
-.I smem
+.I sdmem
and the
.I secure_deletion package
is (C) 1997-2003 by van Hauser / THC (vh@thc.org)
--- secure-delete-3.1.orig/sswap.1
+++ secure-delete-3.1/sswap.1
@@ -49,7 +49,7 @@
a final mode with random values.
.TP
.B \-l
--l for a second time lessons the security even more: only one pass with
+\-l for a second time lessons the security even more: only one pass with
random values is written.
.TP
.B \-v
@@ -106,5 +106,5 @@
(1),
.I sfill
(1),
-.I smem
+.I sdmem
(1)
--- secure-delete-3.1.orig/debian/docs
+++ secure-delete-3.1/debian/docs
@@ -0,0 +1,4 @@
+README
+TODO
+secure_delete.doc
+usenix6-gutmann.doc
--- secure-delete-3.1.orig/debian/control
+++ secure-delete-3.1/debian/control
@@ -0,0 +1,13 @@
+Source: secure-delete
+Section: utils
+Priority: optional
+Maintainer: Robert Lemmen <robertle@semistable.com>
+Build-Depends: debhelper (>= 7.0.0)
+Standards-Version: 3.9.4
+
+Package: secure-delete
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: tools to wipe files, free disk space, swap and memory
+ Gutmann method based tools for securely wiping data from files, free
+ disk space, swap and memory: srm, sfill, sswap and sdmem.
--- secure-delete-3.1.orig/debian/compat
+++ secure-delete-3.1/debian/compat
@@ -0,0 +1 @@
+7
--- secure-delete-3.1.orig/debian/changelog
+++ secure-delete-3.1/debian/changelog
@@ -0,0 +1,46 @@
+secure-delete (3.1-6) unstable; urgency=low
+
+ * Enable hardening flags during build
+ * Update packaging
+ * Bump standards-version
+ * Fix a few minus-vs-hyphen bugs in manpages
+ * Fixed a few typos (closes: #486018, #653260)
+ * Tone down description a little bit and include binary names
+ (closes: #680336, #538151)
+
+ -- Robert Lemmen <robertle@semistable.com> Fri, 05 Jul 2013 08:50:37 +0100
+
+secure-delete (3.1-5) unstable; urgency=low
+
+ * Rename smem to sdmem to avoid name clash with smem package
+ * Bumped Standards-Version to 3.8.3 and related fixes
+
+ -- Robert Lemmen <robertle@semistable.com> Tue, 05 Jan 2010 14:55:00 +0000
+
+secure-delete (3.1-4) unstable; urgency=low
+
+ * Fixed licensing info (closes: #428102)
+ * Fixed handling of nostrip build option (closes: #438009)
+
+ -- Robert Lemmen <robertle@semistable.com> Tue, 28 Aug 2007 13:21:17 +0200
+
+secure-delete (3.1-3) unstable; urgency=low
+
+ * Moved from experimental
+ * Added more documentation
+
+ -- Robert Lemmen <robertle@semistable.com> Thu, 5 Oct 2006 22:04:17 +0200
+
+secure-delete (3.1-2) experimental; urgency=low
+
+ * Upload to experimental instead of unstable.
+ * Added description on how to test security to README.Debian.
+
+ -- Robert Lemmen <robertle@semistable.com> Mon, 2 May 2005 11:55:11 +0200
+
+secure-delete (3.1-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Robert Lemmen <robertle@semistable.com> Thu, 29 Jan 2004 18:09:26 +0100
+
--- secure-delete-3.1.orig/debian/copyright
+++ secure-delete-3.1/debian/copyright
@@ -0,0 +1,17 @@
+This package was debianized by Robert Lemmen <robertle@semistable.com> on
+Thu, 29 Jan 2004 18:09:26 +0100.
+
+It was downloaded from http://www.thc.org
+
+Upstream Author: van Hauser <vh@thc.org>
+
+Copyright: 1999-2004 van Hauser
+
+ You are free to distribute this software under the terms of
+ the GNU General Public License.
+ On Debian systems, the complete text of the GNU General Public
+ License can be found in /usr/share/common-licenses/GPL file.
+
+The file "usenix6-gutmann.doc" is licensed under the "Creative Commons
+Attribution 3.0" license, which you can find at
+http://creativecommons.org/licenses/by/3.0/
--- secure-delete-3.1.orig/debian/watch
+++ secure-delete-3.1/debian/watch
@@ -0,0 +1,3 @@
+version=2
+http://www.thc.org/releases.php .*secure[-_]delete-(.*)\.tar\.gz
+
--- secure-delete-3.1.orig/debian/README.Debian
+++ secure-delete-3.1/debian/README.Debian
@@ -0,0 +1,56 @@
+secure-delete for Debian
+------------------------
+
+The original package and debian versions prio to 3.1-5 contained a utility
+called smem that wiped memory. This utility seems to be of limited use and
+clashes with another binary of the same name, it is therefore renamed to sdmem.
+
+The source for secure_delete contains a 2.4 kernel module that turns every
+call to unlink() into a secure remove, this module is not yet part of this
+package for technical reasons. if you need it please "apt_get source
+secure-delete" and build it yourself for now.
+
+Also note that securely wiping data from magnetic media is a difficult task and
+depends a lot on the filesystem in question (among other things). So there is no
+guarantee that this program will work in your configuration, but you can and
+should check for yourself by creating a loopback filesystem, mountig it and
+creating a file in it, then securely wiping it and grepping for it's contents in
+the loopback file:
+
+dd if=/dev/zero of=disk bs=4096 count=1024
+mke2fs disk
+losetup /dev/loop0 disk
+mkdir test
+mount /dev/loop0 test
+cd test
+for ((i=0; i<10000; i++))
+do
+ echo "ofenrohr" >> file;
+done
+cd ..
+umount test
+losetup -d /dev/loop0
+grep "ofenrohr" disk
+--> this should result in a "binary file disk matches"
+losetup /dev/loop0 disk
+mount /dev/loop0 test
+cd test
+srm file
+cd ..
+umount test
+losetup -d /dev/loop0
+grep "ofenrohr" disk
+--> this should not find anything
+
+Please make sure you use the correct filesystem type and options during the
+mkfs!
+
+Another general problem of wiping data from disks is that most harddisks will
+occasionally mark a sector as "bad" and copy it's contents to a new location
+that the disk will pretend is at the original location. Since this is completely
+transparent, there is no way to access these sectors without touching the disks
+hardware. These sectors may then contain sensitive information that could be
+retrieved from the disk. If you want better security, use an encrypting
+filesystem (dm-crypt, loop-aes), and forget the key if you want to wipe it.
+
+ -- Robert Lemmen <robertle@semistable.com>, Thu, 29 Jan 2004 18:09:26 +0100
--- secure-delete-3.1.orig/debian/rules
+++ secure-delete-3.1/debian/rules
@@ -0,0 +1,59 @@
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+CPPFLAGS:=$(shell dpkg-buildflags --get CPPFLAGS)
+CFLAGS:=$(shell dpkg-buildflags --get CFLAGS)
+CXXFLAGS:=$(shell dpkg-buildflags --get CXXFLAGS)
+LDFLAGS:=$(shell dpkg-buildflags --get LDFLAGS)
+
+build: build-arch build-indep
+build-arch: build-stamp
+build-indep: build-stamp
+
+build-stamp:
+ dh_testdir
+ CFLAGS="$(CFLAGS) $(CPPFLAGS) $(LDFLAGS)" $(MAKE)
+ touch build-stamp
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+ $(MAKE) clean
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_prep
+ dh_installdirs
+ $(MAKE) install prefix=$(CURDIR)/debian/secure-delete/usr
+
+
+binary-indep: build install
+
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs CHANGES
+ dh_installdocs README TODO
+ dh_installman sfill.1 srm.1 smem.1 sswap.1
+ # rename smem
+ mv $(CURDIR)/debian/secure-delete/usr/bin/smem \
+ $(CURDIR)/debian/secure-delete/usr/bin/sdmem
+ mv $(CURDIR)/debian/secure-delete/usr/share/man/man1/smem.1 \
+ $(CURDIR)/debian/secure-delete/usr/share/man/man1/sdmem.1
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
--- secure-delete-3.1.orig/debian/source/format
+++ secure-delete-3.1/debian/source/format
@@ -0,0 +1 @@
+1.0
|
