LinuxQuestions.org
Old 05-12-2011, 09:55 PM   #1
kienlarsen
Member
 
Registered: Apr 2011
Posts: 76

Rep: Reputation: 0
How to delete the file and its actual associated data?


I'm confused about the "hard link" feature. I've been learning from my UNIX Academy DVD training that there can be many hard links to a file and each of them is an effective filename for the associated data. So let's assume that we have some very sensitive data in a file, we want it to be deleted, and the file has 20 links. I "delete" a file, but in fact I deleted only one "name" of it. My understanding from the training is that the data is still there until we delete the last associated hard link. But how can I find the names of all of them? If we have the names, they can be removed one by one. Or maybe there's a command that can trace all the "names" and remove them at once?
 
Old 05-12-2011, 10:47 PM   #2
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477
@ Reply

Hi there,

When you hard link a file to another file, the file that is created also has the same inode number as that of the original file (that is the funda of hardlink), which means it is a mirror of the source file. You can find all the files with the same inode number by running the following command:

find / -inum inode_number

You can find the inode number of a file by running ls -i under the directory it is located.

For the deletion part (though I have never tried it) you can have a look at the following link: http://www.cyberciti.biz/tips/delete...de-number.html

I hope this helps.

Last edited by T3RM1NVT0R; 05-12-2011 at 10:51 PM.
 
1 members found this post helpful.
Old 05-12-2011, 11:03 PM   #3
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,148
Blog Entries: 2

Rep: Reputation: 4886
T3RM1NVT0R is right on this. Keep in mind that the actual data never will be deleted, even if you remove all the hardlinks. Only the link through the inode will be removed. The data will only become unrecoverable when the data is overwritten. To really get rid of sensible data you should zero out the file before removing.
 
Old 05-13-2011, 07:07 AM   #4
arizonagroovejet
Senior Member
 
Registered: Jun 2005
Location: England
Distribution: openSUSE, Fedora, CentOS
Posts: 1,094

Rep: Reputation: 198
Quote:
Originally Posted by TobiSGD
To really get rid of sensible data you should zero out the file before removing.
And for that, look at the shred command.
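
Added example (not part of any post in this thread): shell functions for the steps suggested in posts #2 to #4, locating every name of an inode, checking the result against the inode's link count, then overwriting the data once and removing all names. It assumes GNU findutils and coreutils; the function names and the optional search-root argument are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes GNU findutils/coreutils (find -samefile, stat -c, shred).

# list_links FILE [SEARCH_ROOT]: print every path naming the same inode as FILE.
# -xdev keeps find on one filesystem: inode numbers are only unique per
# filesystem, so a bare "find / -inum N" can match unrelated files elsewhere.
list_links() {
    root=${2:-$(df -P -- "$1" | awk 'NR==2 {print $NF}')}
    find "$root" -xdev -samefile "$1" 2>/dev/null
}

# hidden_links FILE [SEARCH_ROOT]: link count stored in the inode minus the
# names found. Non-zero means names remain in directories we cannot read
# or outside SEARCH_ROOT.
hidden_links() {
    total=$(stat -c %h -- "$1")
    found=$(list_links "$1" "$2" | wc -l)
    echo $((total - found))
}

# wipe_all_links FILE [SEARCH_ROOT]: overwrite the data once (all names share
# the same blocks), then remove every name. Refuses if a name is unaccounted for.
# In-place overwriting is not reliable on copy-on-write or log-structured
# filesystems, or on SSDs.
wipe_all_links() {
    [ "$(hidden_links "$1" "$2")" -eq 0 ] || {
        echo "refusing: not all links to $1 were found" >&2
        return 1
    }
    names=$(list_links "$1" "$2")
    shred -z -- "$1" || return 1
    printf '%s\n' "$names" | while IFS= read -r n; do rm -f -- "$n"; done
}
```

Without a search root, `list_links` scans the whole filesystem that holds the file, which can take a while; paths containing newlines are not handled.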
 
Old 05-13-2011, 07:18 AM   #5
kienlarsen
Member
 
Registered: Apr 2011
Posts: 76

Original Poster
Rep: Reputation: 0
Well, it looks like a problem to me.
Let's say there's a file with initial permissions 777. Later I decide to keep my credit card numbers there, make it private and change permissions to 700. In the meantime, if another user creates a hard link to the file and puts it into his home directory where I have no access, my "chmod 700" has no value, as the other user will be able to get to the data because his access is controlled by his hard link. I can't even remove the file, as when I remove it, I can't access it anymore but the other guy still has the access!

Last edited by kienlarsen; 05-13-2011 at 07:20 AM.
 
Old 05-13-2011, 07:35 AM   #6
arizonagroovejet
Senior Member
 
Registered: Jun 2005
Location: England
Distribution: openSUSE, Fedora, CentOS
Posts: 1,094

Rep: Reputation: 198
If you're going to store credit card info or other sensitive data the sensible thing to do would be to create a new file to put it in, not reuse an existing one which you've previously had permissions set such that someone else can read them.

Have you actually tried the scenario you described? I just tried it and the hard link that was created was owned by the same user that created the original file. When I used chmod on the original file, the permissions on the hard link were changed. So the user that originally created the file can prevent other users who have created hard links to it from accessing it. Remember, there's only one actual file.

It was the case that the hardlink copy of the file remained after I'd deleted the original though and I wasn't able to delete it as it was in a directory I didn't have any permissions on. But if you've already used chmod on the file before deleting it then the hardlink copy is going to be inaccessible anyway.
 
Old 05-13-2011, 07:35 AM   #7
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,578
Blog Entries: 31

Rep: Reputation: 1208
Not so because the permissions are on the inode, not the link, so there is only one set of permissions (which may be changed via any of the links):
Code:
c@CW8:~$ mkdir /tmp/tmp
c@CW8:/tmp$ cd /tmp/tmp
c@CW8:/tmp/tmp$ touch foo
c@CW8:/tmp/tmp$ ln foo bar
c@CW8:/tmp/tmp$ ls -il
total 0
384001 -rw-r--r-- 2 c users 0 2011-05-13 18:03 bar
384001 -rw-r--r-- 2 c users 0 2011-05-13 18:03 foo
c@CW8:/tmp/tmp$ chmod 777 bar
c@CW8:/tmp/tmp$ ls -il
total 0
384001 -rwxrwxrwx 2 c users 0 2011-05-13 18:03 bar
384001 -rwxrwxrwx 2 c users 0 2011-05-13 18:03 foo
c@CW8:/tmp/tmp$ chmod 400 foo
c@CW8:/tmp/tmp$ ls -il
total 0
384001 -r-------- 2 c users 0 2011-05-13 18:03 bar
384001 -r-------- 2 c users 0 2011-05-13 18:03 foo
 
Old 05-13-2011, 01:28 PM   #8
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477
@ kienlarsen

Well, first of all I would like to say that it is not a good idea to keep your sensitive data in a shared location, and in fact not on an office system at least, because if someone else is root they can have access to it. I know you are doing it for the sake of testing, so let's go ahead with it:

Note: Hard links are just like a mirror. When you create a hardlink it is just like copying everything related to that file to another location. When I say everything, it does include ownership, permission, inode number, etc. Read my first post in this thread, post number #2.

This is what I did:

1. Logged in as user1.
2. Created a file with the name credit under /tmp
3. chmod 700 /tmp/credit
4. ls -l and you will see that owner i.e. user1 has got rwx on this file and everyone else has got no rights on this file.
5. Logged in as user2
6. Did ln /tmp/credit /home/user2/credit_hacked
7. Did cat /home/user2/credit_hacked, message displayed Permission Denied
8. vi /home/user2/credit_hacked permission denied.

Additional testing.

1. Logged in as user2.
2. ln -s /tmp/credit /home/user2/credit_hacked_soft (Trying with soft link)
3. Tried doing cat it displayed permission denied. Tried doing vi blank screen no information shown.
4. Here comes the final try. Deleted user1 to see whether, after the file became orphaned, I would have access to any hard linked or soft linked file that I created when the user was there. SAME RESULT with vi and cat. The file ownership changed from the name to the GID of user1, that's it.

So my answer will be that it doesn't matter if someone tries to create hard link or soft link to the file created by you, he/she will not have access to it as long as you are the owner and set the permission to 700.

Last edited by T3RM1NVT0R; 05-13-2011 at 01:31 PM.
 
Old 05-13-2011, 03:30 PM   #9
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,984

Rep: Reputation: 3626
I think it would be better to encrypt the storage but in most file systems the data always remains.


You'd have to copy over the space by some means. Secure erase or other means tends to copy over the area 9 or more times to help remove all traces of data.
 
Old 05-13-2011, 08:41 PM   #10
kienlarsen
Member
 
Registered: Apr 2011
Posts: 76

Original Poster
Rep: Reputation: 0
I left my laptop in office and so I can't test it myself. I mean following steps:
1. User A creates file with perm. 777 in his home directory. chown A
2. User B ln hard link to this file in his directory. chmod 777 chown B
3. User A edit file then chmod 700
4. User B should still have 777 to his hard link
5. User A deletes his file
6. User B should still have his file intact
 
Old 05-13-2011, 10:44 PM   #11
AnanthaP
Member
 
Registered: Jul 2004
Location: Chennai, India
Posts: 952

Rep: Reputation: 217
Quote:
I left my laptop in office and so I can't test it myself. I mean following steps:
1. User A creates file with perm. 777 in his home directory. chown A
2. User B ln hard link to this file in his directory. chmod 777 chown B
3. User A edit file then chmod 700
4. User B should still have 777 to his hard link
5. User A deletes his file
6. User B should still have his file intact
Once user A `chown`ed in step 1, then user B won't have permissions?
 
Old 05-13-2011, 11:33 PM   #12
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,148
Blog Entries: 2

Rep: Reputation: 4886
Simple failure in point 2. Even if User B links the file, User A would remain the owner, and only the owner can chmod or chown (besides root) a file.
 
Old 05-14-2011, 12:09 AM   #13
kienlarsen
Member
 
Registered: Apr 2011
Posts: 76

Original Poster
Rep: Reputation: 0
As far as I understand, all hard links to data are equal, there's no "initial" or "true" link. They all appear as equal representations of a file. And my understanding is that user A would be an owner of his hard link, not an owner of the data blocks. As soon as ownership for another link has been attributed to user B (by B or by root) this link (meaning the file) will belong to B, otherwise the commands would be useless and there would be no way to say, for a file with 200 links, which one is the original. I'll test it as soon as I have my hands on my Linux laptop tomorrow.
 
Old 05-14-2011, 01:37 AM   #14
speck
Member
 
Registered: Nov 2001
Location: US
Distribution: Slackware 14.2
Posts: 375

Rep: Reputation: 115
Once you have a better understanding of Unix permissions then you'll understand why the "hard link problem" in your scenario is irrelevant. If you leave the permissions of a directory and file wide open (777), then user B could just make a copy of the file and you would probably never know it happened (unless you had specific monitoring tools installed). There wouldn't be a reason for him to go through the trouble of creating a hard link and have it potentially traceable via the inode.

If you secure the directory and file permissions before adding the sensitive data to the file, then your scenario would not occur (of course unless user B is root, then all bets are off).
 
1 members found this post helpful.
Old 05-14-2011, 05:03 AM   #15
T3RM1NVT0R
Senior Member
 
Registered: Dec 2010
Location: Internet
Distribution: Linux Mint, SLES, CentOS, Red Hat
Posts: 2,385

Rep: Reputation: 477
@ Reply

@ speck

Good answer!!!

@ kienlarsen

Quote:
As far as I understand, all hard links to data are equal, there's no "initial" or "true" link. They all appear as equal representations of a file. And my understanding is that user A would be an owner of his hard link, not an owner of the data blocks. As soon as ownership for another link has been attributed to user B (by B or by root) this link (meaning the file) will belong to B, otherwise the commands would be useless and there would be no way to say, for a file with 200 links, which one is the original. I'll test it as soon as I have my hands on my Linux laptop tomorrow.
Let's have a look at the simple logic here. You are saying user A is the owner of his hard link; now tell me this: we have owner of file and folder, so where does the concept of owner of a hardlink come from? Please read the point that I made in my previous posts: it does not matter who creates a hard link, the owner and the file system permissions will remain the same. So whatever user B tries to do, unless he is a root user he will not be able to gain access to your file by just creating a hardlink, because he can't change the permission or change the ownership of the file he created by creating a hardlink to the original file (again, unless he is a root user).

So basically what we all are trying to explain here is:

User A created a file, changed the permission to 700 and then appended important information to that file; then user B just can't have access to it whether he creates a hardlink or soft link or whatever.

Read out the following articles on Linux file system permissions and concept of hardlink and softlinks:

http://www.cyberciti.biz/tips/unders...ard-links.html
http://en.wikipedia.org/wiki/Filesystem_permissions

Whatever you are saying if that was a reality then everyone will have access to every other person's data and file system permissions will then be considered as fake!!!
 
1 members found this post helpful.
  

