Re: PATCH - ext2fs privacy (i.e. secure deletion) patch

From: Jamie Lokier
Date: Sat Feb 07 2004 - 06:10:06 EST

Next message: James Bromberger: "2.4.23 && md raid1 && reiserfs panic"
Previous message: the grugq: "Re: PATCH - ext2fs privacy (i.e. secure deletion) patch"
In reply to: the grugq: "Re: PATCH - ext2fs privacy (i.e. secure deletion) patch"
Next in thread: the grugq: "Re: PATCH - ext2fs privacy (i.e. secure deletion) patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

the grugq wrote:
> Yes, the allocation of the inode and data blocks should be randomized
> for security, but that would lead to performance impacts. Implementing
> that should definately be a compile time option.

What do you mean?

I haven't mentioned randomising block allocations at all.

The random number is an encryption key, private to the inode, used to
encrypt the data blocks. The blocks are allocated efficiently as usual.

> Your suggestion would certainly work, but I think the performance impact
> of using random inodes and data blocks would dissuade many from having
> it enabled by default. Simple secure deletion of the data and meta-data
> would have a lower impact, and be more likely to be used on more file
> systems.

My suggestion would be much more efficient than yours: for every file
created and deleted, you do twice the I/O I do.

-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: James Bromberger: "2.4.23 && md raid1 && reiserfs panic"
Previous message: the grugq: "Re: PATCH - ext2fs privacy (i.e. secure deletion) patch"
In reply to: the grugq: "Re: PATCH - ext2fs privacy (i.e. secure deletion) patch"
Next in thread: the grugq: "Re: PATCH - ext2fs privacy (i.e. secure deletion) patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]