Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Fri, 22 Nov 2002 00:48:08 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Fri, 22 Nov 2002 00:48:07 -0500 Received: from saturn.cs.uml.edu ([129.63.8.2]:45316 "EHLO saturn.cs.uml.edu") by vger.kernel.org with ESMTP id ; Fri, 22 Nov 2002 00:48:06 -0500 From: "Albert D. Cahalan" Message-Id: <200211220555.gAM5tC5337098@saturn.cs.uml.edu> Subject: Re: Where is ext2/3 secure delete ("s") attribute? To: jgarzik@pobox.com (Jeff Garzik) Date: Fri, 22 Nov 2002 00:55:12 -0500 (EST) Cc: acahalan@cs.uml.edu (Albert D. Cahalan), linux-kernel@vger.kernel.org, kentborg@borg.org, alan@lxorguk.ukuu.org.uk In-Reply-To: <3DDDB4EF.9090300@pobox.com> from "Jeff Garzik" at Nov 21, 2002 11:39:11 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1624 Lines: 56 Jeff Garzik writes: > Albert D. Cahalan wrote: >> Jeff Garzik writes: >>> Please name a filesystem that moves allocated blocks around >>> on you. And point to code, too. >> >> Reiserfs tails >> fs/reiserfs > > inodes don't move In that case I suppose you could iterate through all possible tail sizes. In any case, Reiserfs 4 is coming. Reiserfs 4 shifts the tree all over. >> ext3 with data journalling >> fs/ext3 > > the allocated blocks don't change Same effect though: only the filesystem driver can know how to overwrite a file. >> the journalling flash filesystems >> fs/jffs >> fs/jffs2 > > yep > >> NTFS with compression >> fs/ntfs > > the allocated blocks don't change They must. I suppose that might not be implemented yet. >> Multiple overwrites won't protect you from the disk manufacturer >> or the NSA. Only one is needed to protect against root & kernel. >> So it makes sense to have the filesystem zero the blocks when >> they are freed from a file. > > if you need to protect against root, then zeroing the blocks isn't > going to help for LVM or jffs or other journalling. By "protect against root" of course I mean a future cracked box or the drive put into another machine. LVM has to cooperate. If it can't, then that's a bug. Snapshots count the same as keeping backups on separate media. Likewise, fsck and defraggers need to cooperate. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/