On Wed, 11 Nov 2009, Darren J Moffat wrote:
note that "eradication" via overwrite makes no sense if the underlying
storage uses copy-on-write, because there's no guarantee that the newly
written block actually will overlay the freed block.
Which is why this has to be a ZFS feature rather than something link GNU
shred(1) which runs in userland.
Zfs is absolutely useless for this if the underlying storage uses
copy-on-write. Therefore, it is absolutely useless to put it in zfs.
No one should even consider it.
The use of encrypted blocks is much better, even though encrypted
blocks may be subject to freeze-spray attack if the whole computer is
compromised while it is still running. Otherwise use a sledge-hammer
followed by incineration.
Bob
--
Bob Friesenhahn
bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
