Stephen Hahn wrote: >> Isn't it the case that schred does not work on ZFS so why provide >> it at all? > > Yes, shred won't work on ZFS. Bill and Dan were just telling me that > snapshots mean it can never really work, so it's probably best to drop > it. There are various actions the ZFS team might take to decrease > unintended data recovery, but shred isn't equivalent to any of them. > > I suppose the question is whether the command should be modified to > warn about "failure to shred on this filesystem", or simply dropped.
Personally I think it should be dropped. It isn't just local file systems like ZFS that are a problem, consider if you are on an NFS client and the server is using a COW filesystem it still won't work and you on the client have no way to know this (eg a NetApp box or a Solaris machine exporting a ZFS file system over NFS). There has recently been a long discussion on the opensolaris zfs-discuss/security-discuss aliases recently (started by me) about providing "shred"-like functionality as a core part of the filesystem. http://www.opensolaris.org/jive/thread.jspa?threadID=20438&tstart=0 IMO shred as it appears in GNU coreutils is down right dangerous because it leads end users into a false sense of security and they need to know a huge amount of info about not only which filesystem they are using but how it is implemented. -- Darren J Moffat
