Re: ext2/ext3, sync/async filesystems, data hygiene

To: Anonymous <cripto@ecn.org>
Cc: debian-user@lists.debian.org
Subject: Re: ext2/ext3, sync/async filesystems, data hygiene
From: Tom Vier <tmv@comcast.net>
Date: Wed, 27 Jul 2005 10:45:14 -0400
Message-id: <[🔎] 20050727144514.GA4145@zero>
Reply-to: Tom Vier <tmv@comcast.net>
In-reply-to: <[🔎] d8e4c1225ac0f08f449de5adbffa0c65@ecn.org>
References: <[🔎] d8e4c1225ac0f08f449de5adbffa0c65@ecn.org>

On Wed, Jul 27, 2005 at 01:10:43PM +0200, Anonymous wrote:
> I'm thinking of switching from ext3 back to ext2 because the wiping
> utilities (shred, srm) aren't supposed to work on journaled
> filesystems. But I'm also thinking of mounting ext2 synchronously to
> reduce the risk of data loss (power cuts, etc).

I'm the author of wipe, btw (the one at wipe.sf.net). Meta-data journaling
alone isn't a problem (except for wiping filenames), but full data
journaling is, and some journaled fs (like reiser) don't necessarily place
data on the same blocks when you overwrite (log-structured and versioning
filesystems, especially). To be sure you overwrite the old blocks, you have
to overwrite the whole partition.

That's why it's best to encrypt sensitive data in the first place. That way,
there's no plain text left around.

> What will I screw up if I do this?

I'd just stick to ext3. I believe (but i'm not certain) that ext3 currently
writes the same file offset to the same blocks. That may not be the case in
the future (eg, fs-level snapshots).

> I notice that the BSD people normally use synchronous filesystems and
> we GNU-Linux people normally use async. Why? Are they wrong or just
> different, and how?

There's a few reasons. Linux's e2fsck was good enough that most of the time,
it could repair an async-mounted ext2 w/o much trouble. The problem though,
is async breaks things like mail, which rely on rename being synchronis
(which is another discussion). For a long time (maybe still) mounting ext2
sync wasn't as strict as bsd sync-mounts (i believe ext2 was at least
improved, in the last year - i remember a patch being posting on the l-k
list). The main reason linux defaulted to async for ext2, was speed. BSD was
more concerned with correctness and reliability for things such as mail and
news serving. Journing with data=ordered provides the same safety as
sync-mounts, but better performance and no lengthy fsck. BSD softdeps also
provides better performance (and the same guarantees) as sync, but still
requires fsck if not cleaning umounted.

> Alternatively, can anyone recommend a file-wiping tool that
> purges/wipes the ext3 journal as well as overwriting the file?

wipe -Tx1 /dev/...   ;)

If you do use my util, get the latest WIP version from sourceforge. There's
a couple minor bug fixes.

-- 
Tom Vier <tmv@comcast.net>
DSA Key ID 0x15741ECE

Reply to:

References:
- ext2/ext3, sync/async filesystems, data hygiene
  - From: Anonymous <cripto@ecn.org>

Prev by Date: Resizing partition
Next by Date: Re: Any recomendations on C/R spam tools for Debian
Previous by thread: ext2/ext3, sync/async filesystems, data hygiene
Next by thread: Re: ext2/ext3, sync/async filesystems, data hygiene
Index(es):
- Date
- Thread