On Wed, 20 Dec 2006, Pawel Jakub Dawidek wrote:
On Tue, Dec 19, 2006 at 02:04:37PM +0000, Darren J Moffat wrote:
In case it wasn't clear I am NOT proposing a UI like this:
$ zfs bleach ~/Documents/company-finance.odp
Instead ~/Documents or ~ would be a ZFS file system with a policy set something
like this:
# zfs set erase=file:zero
Or maybe more like this:
# zfs create -o erase=file -o erasemethod=zero homepool/darrenm
The goal is the same as the goal for things like compression in ZFS, no application
change it is "free" for the applications.
I like the idea, I really do, but it will be soooo expensive because of
ZFS' COW model. Not only file removal or truncation will call bleaching,
but every single file system modification... Heh, well, if privacy of
your data is important enough, you probably don't care too much about
performance. I for one would prefer encryption, which may turns out to be
much faster than bleaching and also more secure.
And this kind of "deep bleaching" would also break if you use snapshots -
how do you reliably bleach if you need to keep the all of the old data
around ? You only could do so once the last snapshot is gone. Kind of
defeating the idea - automatic but delayed indefinitely till operator
intervention (deleting the last snapshot).
FrankH.
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
