On Tue, 2006-07-04 at 11:22 +0200, Petr Tesarik wrote:If you wanted to add a feature which would overwrite the file when removed or truncated I'd be happy. Yes I know about attributes and dban, and I have a version of rm which does that if people use it, but would be nice to have it on the whole filesystem. It's not proof against a TLA, but nice for casual snooping.On Mon, 2006-07-03 at 23:25 +0200, Diego Calleja wrote:El Mon, 03 Jul 2006 15:46:55 -0600,Yes and no. A simple mv is better done in userspace, but what I'd
"Jeff V. Merkey" <jmerkey@xxxxxxxxxxxxxxxxxxxxx> escribiÃ:
Add a salvagable file system to ext4, i.e. when a file is deleted, you just rename it and move it to a directory called DELETED.SAV and recycle the files as people allocate new ones. Easy to do (internal "mv" of
Easily doable in userspace, why bother with kernel programming
_really_ appreciate would be a true kernel salvage (similar to the way
NetWare does things). That means marking the file as deleted in the
directory, marking its blocks as deleted but avoiding the use of those
blocks. The kernel would then prefer allocating new blocks from
elsewhere but once the filesystem runs out of space, it would start
allocating from the deleted files area and marking the blocks as well as
the corresponding files purged.
Salvaging files would be done with a separate tool. Of course, if you
delete more files with the same name in the same directory, you'd need
to tell that tool which one of them you want to salvage. Yes, I really
mean you'd have more than one deleted file with the same name in the
directory.
Anyway, I doubt we want such feature for ext4, because to make things
efficient, you'd need to provide some kind of pointer from the deleted
(but not yet purged) blocks to the corresponding file. Hard links are
also problematic and there is a whole lot of other troubles I haven't
even thought of.
Wouldn't such a scheme interfere with the block allocator algorithms,
and hence increase the risk of fragmentation? Schemes like this realy
put my hairs on end,
1) if you don't want to lose your data, make backups; 2) if I mean to delete a file, I want it gone proper. Silently keeping
it about is not unix like;
3) don't aid third parties in recovering your removed data. If I want
them to have it I'll give it to them.
Peter