[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Master passphrase approach, authn storage, cobwebs in C-Mike's head, ...

From: Branko Čibej <brane_at_apache.org>
Date: Fri, 06 Apr 2012 19:28:19 +0200

On 06.04.2012 17:07, C. Michael Pilato wrote:
> On 04/06/2012 11:02 AM, Branko Čibej wrote:
>>> *sigh* I hadn't considered stale, compromised data not yet purged or
>>> overwritten. Does SQLite's VACUUM statement help with this problem?
>>> http://sqlite.org/lang_vacuum.html
>> Vacuum will reorder the pages in the file to fill holes, but will then
>> truncate the database file without first overwriting it with random
>> crud. So, no, that's not good enough.
> Hrm. Given the statements that the "VACUUM command rebuilds the entire
> database" and that the "VACUUM command works by copying the contents of the
> database into a temporary database file and then overwriting the original
> with the contents of the temporary file", I would have expected better.

That's actually even worse, "overwriting the original" most likely means
it does a FS-level rename, this leaving the /entire/ contents of the
original file on disk. :)

-- Brane
Received on 2012-04-06 19:28:27 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.