Thanks for your rapid response! Unfortunately simply overwriting the tape with zero's is not enough (if you're looking for something fun to read see Peter Gutmann's classic paper Secure Deletion of Data from Magnetic and Solid-State Memory), and alas wiping the whole tape would be no better than incineration as far as keeping the rest of the files from the archive's backup job. What I am hoping to accomplish is to build a tool which would selectively overwrite the specified records multiple times (typically 3) with good psuedo-random data followed by a zeroing on the final pass including the record's header (typically referred to as "sanitizing"), and then deleting it from the job database. In a way like the bextract tool except instead of reading, it would overwrite the files associated record(s).
My understanding of btape was that it was not cognizant of the job information and the files within. If perhaps there was a way (though scripting perhaps) to extract that information and then to feed that to btape, then that might be a solution. Then all that remains is the modification of the database. Seems a bit overkill, but it's amazing what can be recovered from magnetic media even when you think you could never get it back (check out some of the commercial data recovery services photos of drives that were pulled from machines that were crushed, caught fire, fished of of the drink, etc.). Now think about nefarious uses of this and you see why this tool becomes necessary. > Hello, > > I am sorry, but I am unable to understand what you want to do. Could you > please try explaining it in one or two sentences? > > What does "sanitize file(s)" mean? > > If you are trying to write a program that erases all data on a tape, then you > will probably find that is possible using standard Unix command line tools -- > e.g. "mt erase". > > If you really insist on overwriting a tape with Bacula tools, then you might > try btape, which will overwrite a whole tape with random data if you want. > > Regards, > > Kern > > On Wednesday 12 May 2010 21:23:21 Paul Davis wrote: > >> We have used Bacula for several years now very successfully with a >> number of autoloader tape drives to archive (and occasionally restore) >> files from multiple machines (running several OSes). Unfortunately every >> so often data (typically a file or two) gets saved in the wrong area >> (then consequently backed up) that shouldn't have been. To remove it >> from disk, such utilities as wipe (wipe.sourceforge.net) are useful but >> for tape... >> >> As Bacula is properly designed to store and retrieve data, there seems >> to be no facility to securely sanitize files(s) (per NIST Special >> Publication 800-88) from the tape(s) (without setting the lot on fire, a >> non-tenable solution to useful backups). As a result I have been >> attempting to modify a copy of bextract (tentatively called bwipe) which >> could provide such a facility. However, as this (and the inherited >> functions it calls) are streamlined to read (and read only) vs. the >> other similar functions who are seemingly streamlined to write (mainly >> append), which is exactly what is necessary for the mainstream approach. >> >> I seem to be further falling down the rabbit hole of copying then >> modifying a litany of functions (from read_record.c, acquire.c, etc.) so >> that they are coded to allow read / modify / write of preexisting >> blocks. Thus my email to the development team (or specifically those >> with knowledge of the store daemon) about this approach. Perhaps this >> has been done before, and I just have never found it? Could there be >> some way (even after setting setup_jcr to mode 0) that subsequent device >> acquisitions to be read and write? Am I just completely going about this >> the wrong way (always a possibility)? Hopefully you can guide me so that >> I can hand you a solution that might be incorporated into your project >> that all could use (when they fall into a predicament such as this). >> >> Respectfully, >> Paul Davis >> >> --------------------------------------------------------------------------- >> --- >> >> _______________________________________________ >> Bacula-devel mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/bacula-devel >> > > -- Paul Davis LGS, Government Communications Laboratories 15 Vreeland Rd., Rm. 1-021 Florham Park, NJ 07932 Phone:973-437-9793 Fax:973-437-9965 ------------------------------------------------------------------------------ _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
