Raspiblitz: Shred usage

Created on 2 May 2020  路  1Comment  路  Source: rootzoll/raspiblitz

@rootzoll What is the intention of the shred calls - e.g. in setpassword https://github.com/rootzoll/raspiblitz/blob/d0a24b295e4b6a1034c8e747bf28a1ee5776c9be/home.admin/config.scripts/blitz.setpassword.sh#L96

Calling shred without parameters leaves the file behind (with random/garbage content). shred -u will also delete the file leaving behind less clutter.

question
Source
picture frennkie

Most helpful comment

The intension is to minimize the risk that temporary storage data can be recontructed and reveal sensible data. Using the -u option makes sense.

Best way would be not to temp store passwords at all and just keep as a var in mem. I recently found a way how to do that with with whiptal ... I will also replace that for the password entries.

picture rootzoll on 2 May 2020
👍2

>All comments

The intension is to minimize the risk that temporary storage data can be recontructed and reveal sensible data. Using the -u option makes sense.

Best way would be not to temp store passwords at all and just keep as a var in mem. I recently found a way how to do that with with whiptal ... I will also replace that for the password entries.

rootzoll picture rootzoll on 2 May 2020
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rootzoll picture rootzoll  路  4Comments
fluidvoice picture fluidvoice  路  3Comments
openoms picture openoms  路  4Comments
shawnyeager picture shawnyeager  路  3Comments
rootzoll picture rootzoll  路  3Comments