Date: Mon, 24 Nov 2003 09:52:25 +0100 From: Stefan =?iso-8859-1?Q?E=DFer?= <se@FreeBSD.org> To: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@des.no> Cc: freebsd-hackers@freebsd.org Subject: Re: "secure" file flag? Message-ID: <20031124085225.GA1168@StefanEsser.FreeBSD.org> In-Reply-To: <xzpfzgfrqqg.fsf@dwp.des.no> References: <20031119003133.18473.qmail@web11404.mail.yahoo.com> <200311211333.39520.wes@softweyr.com> <20031121235607.GB16700@StefanEsser.FreeBSD.org> <200311230016.31498.wes@softweyr.com> <20031123121501.GA1133@StefanEsser.FreeBSD.org> <xzpfzgfrqqg.fsf@dwp.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2003-11-23 17:31 +0100, Dag-Erling Sm=F8rgrav <des@des.no> wrote: > Stefan E=DFer <se@FreeBSD.org> writes: > > What I'm suggesting is to have the obliteration implemented as an > > add on to the dirty buffer flush, with the difference that the=20 > > buffer contents is prepared for the next step of the erasure process, > > written out, and then not declared free but again prepared for the > > next overwrite pass. >=20 > This next pass won't be until thirty seconds later, so it'll take > about half an hour to completely obliterate a file. Furthermore, These 30 seconds are not a universal constant and ISTR. I had in mind, that one obliteration pass is performed.=20 After each pass, a cache flush has to be performed, and the=20 next pass is performed immediately or only after a brief delay. I see, that this may cause too many CPU cycles spent traversing the buffer cache. > unmounting a file system less than half an hour after a file is > deleted or truncated will fail, and shutting down will most likely > leave the file system unclean due to repeated failures to flush the > dirty buffer list. Yes, that's why I meant that fsck might be used to trigger the restart of an erasure process that was not completed due to=20 shutdown or a crash. This does obviously no good in case that=20 somebody else got hold of your disk, menawhile, but it covers cases that are not dealt with by a user-land utility (which=20 would just be stopped halfway through when the system goes down). Regards, STefan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031124085225.GA1168>