Re: `Secure' deletion in zfs
- From: Darren Dunham <ddunham@xxxxxxxxxxxxxxxx>
- Date: Tue, 29 Aug 2006 16:42:50 GMT
Tim Bradshaw <tfb+google@xxxxxxxx> wrote:
There are various utilities which make attempts to securely delete
files, typically by overwriting them multiple times with random junk
and then deleting them. Regardless of how secure this actually is
given all the places the data might end up even on traditional
filesystems, am I right that copy-on-write basically dooms this
completely on zfs?
Looks that way. Especially since they wouldn't be aware of any
snapshots that might be present.
If I wanted to make a reasonably good promise that
the blocks that once held some data no longer do, how should I do this
with zfs?
#1. Put support into the filesystem. Maybe have a filesystem option
that all freed blocks get overwritten several times (either sync or
async). Potentially, this could even be done on a file-by-file
basis.
#2. Delete the file, delete any snapshots potentially holding blocks
with that information, then overwrite all free blocks (but you
can't really do that multiple times easily).
--
Darren Dunham ddunham@xxxxxxxx
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
.
- Follow-Ups:
- Re: `Secure' deletion in zfs
- From: news
- Re: `Secure' deletion in zfs
- References:
- `Secure' deletion in zfs
- From: Tim Bradshaw
- `Secure' deletion in zfs
- Prev by Date: Solaris Express X86 - newhost
- Next by Date: Re: nfs errors
- Previous by thread: `Secure' deletion in zfs
- Next by thread: Re: `Secure' deletion in zfs
- Index(es):
Relevant Pages
|
Loading
