Re: PATCH - ext2fs privacy (i.e. secure deletion) patch

From: Bill Davidsen
Date: Wed Feb 04 2004 - 12:04:36 EST


the grugq wrote:


The obvious thing to do would be to make it a mount option, so that
(a) recompilation is not necessary in order to use the feature, and
(b) the feature can be turned on or off on a per-filesystem feature.
In 2.6, it's possible to specify certain mount option to be specifed
by default on a per-filesystem basis (via a new field in the
superblock). So if you do things that way, then secure deletion would take place
either if the secure deletion flag is set (so it can be enabled on a
per-file basis), or if the filesystem is mounted with the
secure-deletion mount option.


Makes sense to me. If either the file system, or the file, are in 'secure delete' mode, then erase everything about the file. Allowing the paranoid to have the option as default, and the concerned to target specific files. I like it.

It would be useful to have this as a directory option, so that all files in directory would be protected. I think wherever you do it you have to prevent hard links, so that unlink really removes the data.

--
bill davidsen <davidsen@xxxxxxx>
CTO TMR Associates, Inc
Doing interesting things with small computers since 1979
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/