diff options
author | Edinaldo P. Silva <edps.mundognu@gmail.com> | 2015-09-20 09:56:17 +0700 |
---|---|---|
committer | Willy Sudiarto Raharjo <willysr@slackbuilds.org> | 2015-09-20 09:56:17 +0700 |
commit | 574c359c7893f4c3fd800f6f41f45defbd33c4ef (patch) | |
tree | bed644ebfa4f5650ab2d4c8c1495b298eaf8bd3b /system/secure-delete/secure-delete_3.1-6.diff | |
parent | a0b8800b04368441e036ae3ce2f37e4b3d1ac18d (diff) | |
download | slackbuilds-574c359c7893f4c3fd800f6f41f45defbd33c4ef.tar.gz |
system/secure-delete: Update patch.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'system/secure-delete/secure-delete_3.1-6.diff')
-rw-r--r-- | system/secure-delete/secure-delete_3.1-6.diff | 478 |
1 files changed, 478 insertions, 0 deletions
diff --git a/system/secure-delete/secure-delete_3.1-6.diff b/system/secure-delete/secure-delete_3.1-6.diff new file mode 100644 index 0000000000..288092f59a --- /dev/null +++ b/system/secure-delete/secure-delete_3.1-6.diff @@ -0,0 +1,478 @@ +--- secure-delete-3.1.orig/srm.1 ++++ secure-delete-3.1/srm.1 +@@ -55,7 +55,7 @@ + .TP + .B \-d + ignore the two special dot files . and .. on the commandline. (so you can +-execute it like "srm -d .* *") ++execute it like "srm \-d .* *") + .TP + .B \-f + fast (and insecure mode): no /dev/urandom, no synchronize mode. +@@ -65,7 +65,7 @@ + and a final mode random values. + .TP + .B \-l +--l for a second time lessons the security even more: only one random pass ++\-l for a second time lessons the security even more: only one random pass + is written. + .TP + .B \-r +@@ -95,7 +95,7 @@ + which comes with the + .I secure_deletion package + to ensure to wipe also the free diskspace. However, If already a small +-file aquired a block with your precious data, no tool known to me can help ++file acquired a block with your precious data, no tool known to me can help + you here. For a secure deletion of the swap space + .I sswap + is available. +@@ -136,5 +136,5 @@ + (1), + .I sswap + (1), +-.I smem ++.I sdmem + (1) +--- secure-delete-3.1.orig/sfill.1 ++++ secure-delete-3.1/sfill.1 +@@ -16,7 +16,7 @@ + is designed to delete data which lies on available diskspace on mediums + in a secure manner which can not be recovered by thiefs, law enforcement + or other threats. +-The wipe algorythm is based on the paper "Secure Deletion of Data from ++The wipe algorithm is based on the paper "Secure Deletion of Data from + Magnetic and Solid-State Memory" presented at the 6th Usenix Security + Symposium by Peter Gutmann, one of the leading civilian cryptographers. + .PP +@@ -59,7 +59,7 @@ + and a final mode with random values. + .TP + .B \-l +--l for a second time lessons the security even more: only one random pass ++\-l for a second time lessons the security even more: only one random pass + is written. + .TP + .B \-v +@@ -130,5 +130,5 @@ + (1), + .I sswap + (1), +-.I smem ++.I sdmem + (1) +--- secure-delete-3.1.orig/Makefile ++++ secure-delete-3.1/Makefile +@@ -1,19 +1,19 @@ + CC=gcc +-OPT=-O2 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE ++OPT=$(CFLAGS) -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE + #OPT=-Wall -D_DEBUG_ -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE +-INSTALL_DIR=/usr/local/bin ++INSTALL_DIR=$(prefix)/bin + MAN_DIR=/usr/local/man + DOC_DIR=/usr/share/doc/secure_delete + OPT_MOD=-D__KERNEL__ -DMODULE -fomit-frame-pointer -fno-strict-aliasing -pipe -mpreferred-stack-boundary=2 + #LD_MOD=-r + +-all: sdel-lib.o srm sfill sswap smem sdel-mod.o +- @echo +- @echo "A Puritan is someone who is deathly afraid that someone, somewhere, is" +- @echo "having fun." +- @echo +- @echo "I hope YOU have fun!" +- @echo ++all: sdel-lib.o srm sfill sswap smem ++# @echo ++# @echo "A Puritan is someone who is deathly afraid that someone, somewhere, is" ++# @echo "having fun." ++# @echo ++# @echo "I hope YOU have fun!" ++# @echo + + sdel-mod.o: sdel-mod.c + $(CC) $(OPT) $(OPT_MOD) $(LD_MOD) -I/lib/modules/`uname -r`/build/include -c sdel-mod.c +@@ -23,32 +23,28 @@ + + srm: srm.c + $(CC) ${OPT} -o srm srm.c sdel-lib.o +- -strip srm + sfill: sfill.c + $(CC) ${OPT} -o sfill sfill.c sdel-lib.o +- -strip sfill + sswap: sswap.c + $(CC) ${OPT} -o sswap sswap.c sdel-lib.o +- -strip sswap + smem: smem.c + $(CC) ${OPT} -o smem smem.c sdel-lib.o +- -strip smem + + clean: + rm -f sfill srm sswap smem sdel sdel-lib.o sdel-mod.o core *~ + + install: all + mkdir -p -m 755 ${INSTALL_DIR} 2> /dev/null +- rm -f sdel && ln -s srm sdel +- cp -f sdel srm sfill sswap smem the_cleaner.sh ${INSTALL_DIR} +- chmod 711 ${INSTALL_DIR}/srm ${INSTALL_DIR}/sfill ${INSTALL_DIR}/sswap ${INSTALL_DIR}/smem ${INSTALL_DIR}/the_cleaner.sh +- mkdir -p -m 755 ${MAN_DIR}/man1 2> /dev/null +- cp -f srm.1 sfill.1 sswap.1 smem.1 ${MAN_DIR}/man1 +- chmod 644 ${MAN_DIR}/man1/srm.1 ${MAN_DIR}/man1/sfill.1 ${MAN_DIR}/man1/sswap.1 ${MAN_DIR}/man1/smem.1 +- mkdir -p -m 755 ${DOC_DIR} 2> /dev/null +- cp -f CHANGES FILES README secure_delete.doc usenix6-gutmann.doc ${DOC_DIR} +- -test -e sdel-mod.o && cp -f sdel-mod.o /lib/modules/`uname -r`/kernel/drivers/char ++# rm -f sdel && ln -s srm sdel ++ cp -f srm sfill sswap smem ${INSTALL_DIR} ++ chmod 711 ${INSTALL_DIR}/srm ${INSTALL_DIR}/sfill ${INSTALL_DIR}/sswap ${INSTALL_DIR}/smem ++# mkdir -p -m 755 ${MAN_DIR}/man1 2> /dev/null ++# cp -f srm.1 sfill.1 sswap.1 smem.1 ${MAN_DIR}/man1 ++# chmod 644 ${MAN_DIR}/man1/srm.1 ${MAN_DIR}/man1/sfill.1 ${MAN_DIR}/man1/sswap.1 ${MAN_DIR}/man1/smem.1 ++# mkdir -p -m 755 ${DOC_DIR} 2> /dev/null ++# cp -f CHANGES FILES README secure_delete.doc usenix6-gutmann.doc ${DOC_DIR} ++# -test -e sdel-mod.o && cp -f sdel-mod.o /lib/modules/`uname -r`/kernel/drivers/char + # @-test '!' -e sdel-mod.o -a `uname -s` = 'Linux' && echo "type \"make sdel-mod install\" to compile and install the Linux loadable kernel module for secure delete" +- @echo +- @echo "If men could get pregnant, abortion would be a sacrament." +- @echo ++# @echo ++# @echo "If men could get pregnant, abortion would be a sacrament." ++# @echo +--- secure-delete-3.1.orig/srm.c ++++ secure-delete-3.1/srm.c +@@ -110,7 +110,7 @@ + if ( (filestat.st_dev != controlstat.st_dev) || (filestat.st_ino != controlstat.st_ino) ) { + fprintf(stderr, "Race found! (directory %s became a link)\n", filename); + } else { +- if ((dir = opendir (".")) != NULL) { ++ if ((dir = opendir (".")) < 0) { + (void) chmod(".", 0700); /* ignore permission errors */ + dir = opendir ("."); + } +@@ -166,8 +166,10 @@ + return 3; + } + +- if (sdel_overwrite(mode, fd, 0, bufsize, filestat.st_size > 0 ? filestat.st_size : 1, zero) == 0) ++ if (sdel_overwrite(mode, fd, 0, bufsize, filestat.st_size > 0 ? filestat.st_size : 1, zero) == 0) { ++ close(fd); + return sdel_unlink(filename, 0, 1, slow); ++ } + } /* end IS_REG() */ + else { + if (S_ISDIR(filestat.st_mode)) { +--- secure-delete-3.1.orig/smem.1 ++++ secure-delete-3.1/smem.1 +@@ -3,16 +3,16 @@ + .if n .sp + .if t .sp 0.4 + .. +-.TH SMEM 1 ++.TH SDMEM 1 + + .SH NAME +-smem \- secure memory wiper (secure_deletion toolkit) ++sdmem \- secure memory wiper (secure_deletion toolkit) + + .SH SYNOPSIS +-.B smem [-f] [-l] [-l] [-v] ++.B sdmem [-f] [-l] [-l] [-v] + + .SH DESCRIPTION +-.I smem ++.I sdmem + is designed to delete data which may lie still in your memory (RAM) + in a secure manner which can not be recovered by thiefs, law enforcement + or other threats. +@@ -24,7 +24,7 @@ + .PP + The + .I secure data deletion +-process of smem goes like this: ++process of sdmem goes like this: + .PP + .TP + .B * +@@ -51,20 +51,26 @@ + and a final random one. + .TP + .B \-l +--l for a second time lessons the security even more: only one pass with ++\-l for a second time lessons the security even more: only one pass with + 0x00 is written. + .TP + .B \-v + verbose mode + .PP + ++.SH NOTE ++.TP ++This utility was originally called ++.I smem ++but was renamed for debian to avoid name clashes with another package. ++ + .SH BEWARE + .TP + .B SLOW +-Wiping the memory is very slow. You might use smem with the -ll option. (tip) ++Wiping the memory is very slow. You might use sdmem with the \-ll option. (tip) + .TP + .B BETA! +-.I smem ++.I sdmem + is still beta. + + .PP +@@ -84,7 +90,7 @@ + can be obtained from + .I http://www.thc.org + .Sp +-.I smem ++.I sdmem + and the + .I secure_deletion package + is (C) 1997-2003 by van Hauser / THC (vh@thc.org) +--- secure-delete-3.1.orig/sswap.1 ++++ secure-delete-3.1/sswap.1 +@@ -49,7 +49,7 @@ + a final mode with random values. + .TP + .B \-l +--l for a second time lessons the security even more: only one pass with ++\-l for a second time lessons the security even more: only one pass with + random values is written. + .TP + .B \-v +@@ -106,5 +106,5 @@ + (1), + .I sfill + (1), +-.I smem ++.I sdmem + (1) +--- secure-delete-3.1.orig/debian/docs ++++ secure-delete-3.1/debian/docs +@@ -0,0 +1,4 @@ ++README ++TODO ++secure_delete.doc ++usenix6-gutmann.doc +--- secure-delete-3.1.orig/debian/control ++++ secure-delete-3.1/debian/control +@@ -0,0 +1,13 @@ ++Source: secure-delete ++Section: utils ++Priority: optional ++Maintainer: Robert Lemmen <robertle@semistable.com> ++Build-Depends: debhelper (>= 7.0.0) ++Standards-Version: 3.9.4 ++ ++Package: secure-delete ++Architecture: any ++Depends: ${shlibs:Depends}, ${misc:Depends} ++Description: tools to wipe files, free disk space, swap and memory ++ Gutmann method based tools for securely wiping data from files, free ++ disk space, swap and memory: srm, sfill, sswap and sdmem. +--- secure-delete-3.1.orig/debian/compat ++++ secure-delete-3.1/debian/compat +@@ -0,0 +1 @@ ++7 +--- secure-delete-3.1.orig/debian/changelog ++++ secure-delete-3.1/debian/changelog +@@ -0,0 +1,46 @@ ++secure-delete (3.1-6) unstable; urgency=low ++ ++ * Enable hardening flags during build ++ * Update packaging ++ * Bump standards-version ++ * Fix a few minus-vs-hyphen bugs in manpages ++ * Fixed a few typos (closes: #486018, #653260) ++ * Tone down description a little bit and include binary names ++ (closes: #680336, #538151) ++ ++ -- Robert Lemmen <robertle@semistable.com> Fri, 05 Jul 2013 08:50:37 +0100 ++ ++secure-delete (3.1-5) unstable; urgency=low ++ ++ * Rename smem to sdmem to avoid name clash with smem package ++ * Bumped Standards-Version to 3.8.3 and related fixes ++ ++ -- Robert Lemmen <robertle@semistable.com> Tue, 05 Jan 2010 14:55:00 +0000 ++ ++secure-delete (3.1-4) unstable; urgency=low ++ ++ * Fixed licensing info (closes: #428102) ++ * Fixed handling of nostrip build option (closes: #438009) ++ ++ -- Robert Lemmen <robertle@semistable.com> Tue, 28 Aug 2007 13:21:17 +0200 ++ ++secure-delete (3.1-3) unstable; urgency=low ++ ++ * Moved from experimental ++ * Added more documentation ++ ++ -- Robert Lemmen <robertle@semistable.com> Thu, 5 Oct 2006 22:04:17 +0200 ++ ++secure-delete (3.1-2) experimental; urgency=low ++ ++ * Upload to experimental instead of unstable. ++ * Added description on how to test security to README.Debian. ++ ++ -- Robert Lemmen <robertle@semistable.com> Mon, 2 May 2005 11:55:11 +0200 ++ ++secure-delete (3.1-1) unstable; urgency=low ++ ++ * Initial Release. ++ ++ -- Robert Lemmen <robertle@semistable.com> Thu, 29 Jan 2004 18:09:26 +0100 ++ +--- secure-delete-3.1.orig/debian/copyright ++++ secure-delete-3.1/debian/copyright +@@ -0,0 +1,17 @@ ++This package was debianized by Robert Lemmen <robertle@semistable.com> on ++Thu, 29 Jan 2004 18:09:26 +0100. ++ ++It was downloaded from http://www.thc.org ++ ++Upstream Author: van Hauser <vh@thc.org> ++ ++Copyright: 1999-2004 van Hauser ++ ++ You are free to distribute this software under the terms of ++ the GNU General Public License. ++ On Debian systems, the complete text of the GNU General Public ++ License can be found in /usr/share/common-licenses/GPL file. ++ ++The file "usenix6-gutmann.doc" is licensed under the "Creative Commons ++Attribution 3.0" license, which you can find at ++http://creativecommons.org/licenses/by/3.0/ +--- secure-delete-3.1.orig/debian/watch ++++ secure-delete-3.1/debian/watch +@@ -0,0 +1,3 @@ ++version=2 ++http://www.thc.org/releases.php .*secure[-_]delete-(.*)\.tar\.gz ++ +--- secure-delete-3.1.orig/debian/README.Debian ++++ secure-delete-3.1/debian/README.Debian +@@ -0,0 +1,56 @@ ++secure-delete for Debian ++------------------------ ++ ++The original package and debian versions prio to 3.1-5 contained a utility ++called smem that wiped memory. This utility seems to be of limited use and ++clashes with another binary of the same name, it is therefore renamed to sdmem. ++ ++The source for secure_delete contains a 2.4 kernel module that turns every ++call to unlink() into a secure remove, this module is not yet part of this ++package for technical reasons. if you need it please "apt_get source ++secure-delete" and build it yourself for now. ++ ++Also note that securely wiping data from magnetic media is a difficult task and ++depends a lot on the filesystem in question (among other things). So there is no ++guarantee that this program will work in your configuration, but you can and ++should check for yourself by creating a loopback filesystem, mountig it and ++creating a file in it, then securely wiping it and grepping for it's contents in ++the loopback file: ++ ++dd if=/dev/zero of=disk bs=4096 count=1024 ++mke2fs disk ++losetup /dev/loop0 disk ++mkdir test ++mount /dev/loop0 test ++cd test ++for ((i=0; i<10000; i++)) ++do ++ echo "ofenrohr" >> file; ++done ++cd .. ++umount test ++losetup -d /dev/loop0 ++grep "ofenrohr" disk ++--> this should result in a "binary file disk matches" ++losetup /dev/loop0 disk ++mount /dev/loop0 test ++cd test ++srm file ++cd .. ++umount test ++losetup -d /dev/loop0 ++grep "ofenrohr" disk ++--> this should not find anything ++ ++Please make sure you use the correct filesystem type and options during the ++mkfs! ++ ++Another general problem of wiping data from disks is that most harddisks will ++occasionally mark a sector as "bad" and copy it's contents to a new location ++that the disk will pretend is at the original location. Since this is completely ++transparent, there is no way to access these sectors without touching the disks ++hardware. These sectors may then contain sensitive information that could be ++retrieved from the disk. If you want better security, use an encrypting ++filesystem (dm-crypt, loop-aes), and forget the key if you want to wipe it. ++ ++ -- Robert Lemmen <robertle@semistable.com>, Thu, 29 Jan 2004 18:09:26 +0100 +--- secure-delete-3.1.orig/debian/rules ++++ secure-delete-3.1/debian/rules +@@ -0,0 +1,59 @@ ++#!/usr/bin/make -f ++ ++# Uncomment this to turn on verbose mode. ++#export DH_VERBOSE=1 ++ ++CPPFLAGS:=$(shell dpkg-buildflags --get CPPFLAGS) ++CFLAGS:=$(shell dpkg-buildflags --get CFLAGS) ++CXXFLAGS:=$(shell dpkg-buildflags --get CXXFLAGS) ++LDFLAGS:=$(shell dpkg-buildflags --get LDFLAGS) ++ ++build: build-arch build-indep ++build-arch: build-stamp ++build-indep: build-stamp ++ ++build-stamp: ++ dh_testdir ++ CFLAGS="$(CFLAGS) $(CPPFLAGS) $(LDFLAGS)" $(MAKE) ++ touch build-stamp ++ ++clean: ++ dh_testdir ++ dh_testroot ++ rm -f build-stamp ++ $(MAKE) clean ++ dh_clean ++ ++install: build ++ dh_testdir ++ dh_testroot ++ dh_prep ++ dh_installdirs ++ $(MAKE) install prefix=$(CURDIR)/debian/secure-delete/usr ++ ++ ++binary-indep: build install ++ ++binary-arch: build install ++ dh_testdir ++ dh_testroot ++ dh_installchangelogs CHANGES ++ dh_installdocs README TODO ++ dh_installman sfill.1 srm.1 smem.1 sswap.1 ++ # rename smem ++ mv $(CURDIR)/debian/secure-delete/usr/bin/smem \ ++ $(CURDIR)/debian/secure-delete/usr/bin/sdmem ++ mv $(CURDIR)/debian/secure-delete/usr/share/man/man1/smem.1 \ ++ $(CURDIR)/debian/secure-delete/usr/share/man/man1/sdmem.1 ++ dh_link ++ dh_strip ++ dh_compress ++ dh_fixperms ++ dh_installdeb ++ dh_shlibdeps ++ dh_gencontrol ++ dh_md5sums ++ dh_builddeb ++ ++binary: binary-indep binary-arch ++.PHONY: build clean binary-indep binary-arch binary install +--- secure-delete-3.1.orig/debian/source/format ++++ secure-delete-3.1/debian/source/format +@@ -0,0 +1 @@ ++1.0 |