[17128] in bugtraq
Shred 1.0 Bug Report
daemon@ATHENA.MIT.EDU (Jeff Harlan)
Tue Oct 10 12:25:47 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <39E33997.94F3F948@mail.sprint.com>
Date: Tue, 10 Oct 2000 08:45:27 -0700
Reply-To: Jeff Harlan <Jeff.Harlan@MAIL.SPRINT.COM>
From: Jeff Harlan <Jeff.Harlan@MAIL.SPRINT.COM>
X-To: thegrendel@theriver.com, tct users <tct-users@porcupine.org>
To: BUGTRAQ@SECURITYFOCUS.COM
Greetings,
Ran a test with Shred v1.0 and found some
unexpected results. This utility is supposed to
overwrite a file with several passes of different
bit patterns followed by one random pattern. The
file is then unlinked. This is supposed to make
the file unrecoverable with utilities which read
raw disk blocks. Using the icat utility from Dan
Farmer and Wietze Venema's TCT Toolkit it appears
that the data is not overwritten. This test was
done on two different RedHat 6.0 systems.
http://personal.riverusers.com/~thegrendel/shred-1.0.tar.gz
[root test]# ls -il shred.me
1298547 -rw-rw-r-- 1 jharlan jharlan 17 Oct 10 08:25 shred.me
[root test]# icat /dev/hda5 1298547
shred this puppy
[root test]# shred shred.me
Are you sure you want to delete shred.me? y
1000 bytes have been overwritten.
The file shred.me has been destroyed!
[root test]# icat /dev/hda5 1298547
shred this puppy
[root test]#
Since this bug does not present an immediate
threat of attack from outsiders the author of
this program is being notified by this post.
Jeff
jeff.harlan@mail.sprint.com
