[Top] [All Lists]

Re: security and journaling

To: Chris Croswhite <ccroswhite@xxxxxxxxxxxx>
Subject: Re: security and journaling
From: Michael Sinz <msinz@xxxxxxxxx>
Date: Mon, 30 Sep 2002 16:24:25 -0400
Cc: linux-xfs@xxxxxxxxxxx
References: <1033412750.13916.20.camel@xxxxxxxxxxxxxxxxxxx>
Sender: linux-xfs-bounce@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1b) Gecko/20020813
Chris Croswhite wrote:

Thank you for the responses.

I am indeed paranoid about recovering the files that will be encrypted. As people on this list have stated, I need to verify that after a clean
unmount, the journal is zeroed.  Or is it possible to force the journal
to zero itself out?  Is it possible to force XFS to immediately over
write the original space of files that were encrypted?

If the encryption process uses mmap() to open/read/encrypt/write the
file (and the size does not get smaller) then you would be fine.
This will alter the data on disk "in place" and happens to also be
a fine/fast way to do so :-)

Michael Sinz -- Director, Systems Engineering -- Worldgate Communications
A master's secrets are only as good as
        the master's ability to explain them to others.

<Prev in Thread] Current Thread [Next in Thread>