How to delete the file and its actual associated data?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to delete the file and its actual associated data?
I'm confused about "hard link" feature. I've been learning from my UNIX Academy DVDs training that hard links to a file can be many and each of them is an effective filename for the associated data. So let assume that we have some very sensitive data in a file and we want it to be deleted and file has 20 links. I "delete" a file, but in fact I deleted only one "name" of it. My understanding from the training that data is still there until we delete the last associated hard link. But how can I find the names of all of them? If we have the names, they can be removed one by one. Or may be there's command that can trace all the "names" and remove them at once?
When you hard link a file to another file, the file that is created also have the same inode number as that of the original file (That is the funda of hardlink) which means it is a mirror of the source file. You can find all the files with the same inode number by running the following command:
find / -inum inode_number
You can find the inode number of a file by running ls -i under the directory it is located.
T3RM1NVT0R is right on this. Keep in mind that the actual data never will be deleted, even if you remove all the hardlinks. Only the link through the inode will be removed. The data will only become unrecoverable when the data is overwritten. To really get rid of sensible data you should zero out the file before removing.
Well, it looks like a problem to me.
Let say there's a file with initial permissions 777. Later I decided to keep there my credit cards numbers and make it private and change permissions to 700. In a meanwhile, if another user creates hard link to a file and put it into his home directory where I have no access, my "chmod 700" has no value as the other user will be able to get to the data because his access is controlled by his hard link. I can't even remove the file, as when I remove it, I can't access it anymore but the other guy still has the access!
Last edited by kienlarsen; 05-13-2011 at 07:20 AM.
If you're going to store credit card info or other sensitive data the sensible thing to do would be to create a new file to put it in, not reuse an existing one which you've previously had permissions set such that someone else can read them.
Have you actually tried the scenario you described? I just tried it and the hard link that was created was owned by the same user that created the original file. When I used chmod on the the original file, the permissions on the hard link were changed. So the user that originally created the file can prevent other users who have created hard links to it from accessing it. Remember, there's only one actual file.
It was the case that the hardlink copy of the file remained after I'd deleted the original though and I wasn't able to delete it as it was in a directory I didn't have any permissions on. But if you've already used chmod on the file before deleting it then the hardlink copy is going to be inaccessible anyway.
Not so because the permissions are on the inode, not the link, so there is only one set of permissions (which may be changed via any of the links):
Code:
c@CW8:~$ mkdir /tmp/tmp
c@CW8:/tmp$ cd /tmp/tmp
c@CW8:/tmp/tmp$ touch foo
c@CW8:/tmp/tmp$ ln foo bar
c@CW8:/tmp/tmp$ ls -il
total 0
384001 -rw-r--r-- 2 c users 0 2011-05-13 18:03 bar
384001 -rw-r--r-- 2 c users 0 2011-05-13 18:03 foo
c@CW8:/tmp/tmp$ chmod 777 bar
c@CW8:/tmp/tmp$ ls -il
total 0
384001 -rwxrwxrwx 2 c users 0 2011-05-13 18:03 bar
384001 -rwxrwxrwx 2 c users 0 2011-05-13 18:03 foo
c@CW8:/tmp/tmp$ chmod 400 foo
c@CW8:/tmp/tmp$ ls -il
total 0
384001 -r-------- 2 c users 0 2011-05-13 18:03 bar
384001 -r-------- 2 c users 0 2011-05-13 18:03 foo
Well first of all I would like to say that it is not a good idea to keep your sensitive data on a shared location and infact not on office system atleast, because if someone else is root they can have access to it. I know you are doing it a for sake of testing so lets go ahead with it:
Note: Hard links are just like mirror. When you create a hardlink it is just like copying everything related to that file on another location. When I say everything it does include ownership, permission, inode number etc etc. Read my first post in this thread. Post number #2
This is what I did:
1. Logged in as user1.
2. Created a file with the name credit under /tmp
3. chmod 700 /tmp/credit
4. ls -l and you will see that owner i.e. user1 has got rwx on this file and everyone else has got no rights on this file.
5. Logged in as user2
6. Did ln /tmp/credit /home/user2/credit_hacked
7. Did cat /home/user2/credit_hacked, message displayed Permission Denied
8. vi /home/user2/credit_hacked permission denied.
Additional testing.
1. Logged in as user2.
2. ln -s /tmp/credit /home/user2/credit_hacked_soft (Trying with soft link)
3. Tried doing cat it displayed permission denied. Tried doing vi blank screen no information shown.
4. Here comes the final try. Deleted the user1 to see that after file becoming orphaned will I be having access to any hard linked or soft linked file that I created when the user was there. SAME RESULT with vi and cat. The file ownership instead of name changed to GID of user1 thats it.
So my answer will be that it doesn't matter if someone tries to create hard link or soft link to the file created by you, he/she will not have access to it as long as you are the owner and set the permission to 700.
Last edited by T3RM1NVT0R; 05-13-2011 at 01:31 PM.
I think it would be better to encrypt the storage but in most file systems the data always remains.
You'd have to copy over the space by some means. Secure erase or other means tends to copy over the are 9 or more times to help remove all traces of data.
I left my laptop in office and so I can't test it myself. I mean following steps:
1. User A creates file with perm. 777 in his home directory. chown A
2. User B ln hard link to this file in his directory. chmod 777 chown B
3. User A edit file then chmod 700
4. User B should still have 777 to his hard link
5. User A deletes his file
6. User B should still have his file intact
I left my laptop in office and so I can't test it myself. I mean following steps:
1. User A creates file with perm. 777 in his home directory. chown A
2. User B ln hard link to this file in his directory. chmod 777 chown B
3. User A edit file then chmod 700
4. User B should still have 777 to his hard link
5. User A deletes his file
6. User B should still have his file intact
Once user A `chown`ed in step 1, then user B wont have permissions?
As far as I understand, all hard links to a data are equal, there's no "initial" or "true" link. They all appear as equal representations of a file. And my understanding is that user A would be an owner of his hard link, not an owner of the data blocks. As soon as ownership for another link has been attributed to user B ( by B or by root) this link (means file) will belong to B, otherwise the commands would be useless and there would be no way to say for a file with 200 links, which one is the original. I'll test it as soon as I'll have my hands on my Linux laptop tommorow.
Once you have a better understanding of Unix permissions then you'll understand why the "hard link problem" in your scenario is irrelevant. If you leave the permissions of a directory and file wide open (777), then user B could just make a copy of the file and you would probably never know it happened (unless you had specific monitoring tools installed). There wouldn't be a reason for him to go through the trouble of creating a hard link and have it potentially traceable via the inode.
If you secure the directory and file permissions before adding the sensitive data to the file, then your scenario would not occur (of course unless user B is root, then all bets are off).
As far as I understand, all hard links to a data are equal, there's no "initial" or "true" link. They all appear as equal representations of a file. And my understanding is that user A would be an owner of his hard link, not an owner of the data blocks. As soon as ownership for another link has been attributed to user B ( by B or by root) this link (means file) will belong to B, otherwise the commands would be useless and there would be no way to say for a file with 200 links, which one is the original. I'll test it as soon as I'll have my hands on my Linux laptop tommorow.
Lets have a look at the simple logic here. You are saying user A is the owner of his hard link now tell me this we have owner of file and folder, where the concept of owner of hardlink comes? Please read the point that I made in my previous posts it does not matter who create a hard link the owner and the file system permissions will remain the same. So whatever user B try to do until and unless he is a root user he will not be able to gain access to your file by just creating a hardlink because he can't change the permission or change the ownership of the file he created by creating hardlink to original file (again until and unless he is a root user).
So basically what we all are trying to explain here is:
User A created a file. Changed the permission to 700 and then appended important information to that file then user B just can't have access to it whether he create hardlink or soft link or whatever.
Read out the following articles on Linux file system permissions and concept of hardlink and softlinks:
Whatever you are saying if that was a reality then everyone will have access to every other person's data and file system permissions will then be considered as fake!!!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.