[PATCH] modsign: overwrite keys with zero before deleting them

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is for the more paranoid people, also it's
questionable what paranoid nowadays means.

Signed-off-by: Alexander Holler <holler@xxxxxxxxxxxxx>
---
 Makefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Makefile b/Makefile
index 7ad66de..590ff53 100644
--- a/Makefile
+++ b/Makefile
@@ -1132,7 +1132,9 @@ ifeq ($(CONFIG_MODULE_SIG_THROW_AWAY), y)
 	@echo "###"
 	@echo "### Deleting key used to sign modules."
 	@echo "###"
+	@dd status=none if=/dev/zero of=./signing_key.priv bs=4096 count=1
 	@rm ./signing_key.priv
+	@dd status=none if=/dev/zero of=./signing_key.x509 bs=4096 count=1
 	@rm ./signing_key.x509
 endif
 
-- 
2.0.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux&nblp;USB Development]     [Linux Media]     [Video for Linux]     [Linux Audio Users]     [Yosemite Secrets]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux