Jack,
Perhaps the ability to erase all bits on the disk should be a feature of
AI, since it is very easy to do before installation, and very hard to do
afterwards. Leftover bits on disk are definitely a security concern for
some users. According to the man page, format(1m) -> analyze -> purge
implements the National Computer Security Center Guide to Understanding
Data Remanence (NCSC-TG-025 version 2) Overwriting Algorithm.
William
Jack Schwartz wrote:
> Hi William.
>
> One addendum to what I wrote:
>
> Jack Schwartz wrote:
>> Hi William.
>>
>> On 06/05/09 04:26, William Schumann wrote:
>>> Jack,
>>>
>>> Jack Schwartz wrote:
>>>> Hi William.
>>>>
>>>> William Schumann wrote:
>>>>> Jack,
>>>>> I've modified the proposal to include some protection for vdevs.
>>>>> If a vdev is a disk, it must have the attribute "use_entire_disk"
>>>>> if the disk is labeled or formatted. Suggestions on a better name
>>>>> for this attribute gladly accepted - I don't think that
>>>>> "use_entire_disk" makes it adequately clear that all
>>>>> formatting will be destroyed by zfs/zpool create.
>>>> wipe_disk or wipe_entire_disk?
>>>> erase_disk or erase_entire_disk?
>>> Well, it doesn't erase the disk - erasure to me means a low-level
>>> format or something that wipes out all the bits. Same with wipe.
>>> I thought about 'allow_device_reformat', but that sounds too
>>> technical. Maybe 'force_reformatting' - the term "force" is used by
>>> zpool create.
>> IMO, from an end user perspective, the data is gone, so it's as good
>> as erased.
> I heard from Greg who suggested that calling it erased might mislead
> people as parts may still be accessible. While I think this is a nit,
> I also think "reuse current disk" is clearest. It implies something
> was there, and its space will be reused (not erased, formatted, or
> anything specific, just that it will be reused).
>
>