[plug] [OT] Security problems with NTFS
Stephen Boak
sboak at westnet.com.au
Thu Oct 23 19:26:06 WST 2003
This may be old hat to those of you who follow security closely, but
it came as a suprise to me so I will pass it on. Even if it does not
affect you personally, I expect some of you manage corporate users
with NTFS filesystems who like their security to actualy work :)
http://www.seifried.org/security/advisories/kssa-003.html
<quote>
In the NTFS file system a facility exists to bind additional data to
a file or directory, called an alternate data stream [url1][url2].
These alternate data streams cannot be be removed, unless the parent
file or directory is destroyed. Unfortunately most file wiping
utilities only deal with the primary data stream and do not wipe the
alternate data streams, thus leaving data intact.
</quote>
I know this is OT on this list, but they do mention using Linux to
search the affected drive to demonstrate the problem :)
Steve
_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
More information about the plug
mailing list