Re: Snapshots & data security


 



On 19.7.2016 at 17:28, Scott Sullivan wrote:
> Hello,
>
> Could someone please clarify if there is a legitimate reason to worry about
> data security of an old (removed) LVM snapshot?
>
> For example, when you lvremove an LVM snapshot, is it possible for data to be
> recovered if you create another LVM and it happens to go into the same area as
> the old snapshot we lvremoved?
>
> If this helps clarify, do we have to worry about security scrubbing an LVM
> snapshot for data security?


lvm2 is a 'volume manager' - not a security tool to obfuscate data on your disk - this is the 'admin's' task.

So if you do care about the 'data' content you give to your user in an LV - it's
then the 'admin's' job to 'clear-up' all space before the LV is given to the user.

i.e.   'lvcreate  &&  dd if=/dev/zero....'

lvm2 does not care about 'data' content - it's a metadata management tool.

Now if you are paranoid and you care purely about 'erasing' data from your snapshot - you can use 'lvconvert --splitsnapshot' and then erase again with 'dd' your COW volume you get from split.

Saying all this - you can try to use 'thin-provisioning' instead,
which has a built-in option of zeroing provisioned blocks - so whenever your provisioned LV gets a 'new block' - its unwritten parts are always zeroed - so there is no 'data-leak'.

And finally - if you are using modern filesystem like ext4 or XFS - they are tracking written area - so 'fs' user cannot actually read 'unwritten' data.

And 2nd. finally - for the paranoid admin, consider 'data' encryption....

Regards

Zdenek

_______________________________________________
linux-lvm mailing list
linux-lvm@redhat.com
https://www.redhat.com/mailman/listinfo/linux-lvm
read the LVM HOW-TO at http://tldp.org/HOWTO/LVM-HOWTO/
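
The two dd-based procedures from the reply above ('lvcreate && dd' and 'lvconvert --splitsnapshot' followed by dd), as an added shell example that is not part of the original message. The function names are hypothetical; the LVM wrappers assume Linux, root and lvm2, while `wipe_and_verify` also works on a plain file.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; assumes Linux, root and lvm2
# for the two LVM wrappers. wipe_and_verify also works on a plain file.

# Size in bytes of a block device or a regular file.
dev_size() {
    if [ -b "$1" ]; then blockdev --getsize64 "$1"
    else wc -c < "$1" | tr -d ' '; fi
}

# True only if every byte of $1 reads back as zero.
is_zeroed() {
    [ "$(tr -d '\000' < "$1" | wc -c | tr -d ' ')" -eq 0 ]
}

# Overwrite exactly the target's size with zeros, flush, then read it back.
# Feeding dd a bounded stream avoids the "No space left on device" error
# (and non-zero exit) that an unbounded dd if=/dev/zero ends with.
wipe_and_verify() {
    target=$1
    size=$(dev_size "$target") || return 1
    [ "$size" -gt 0 ] || return 1
    head -c "$size" /dev/zero |
        dd of="$target" bs=1M conv=notrunc,fsync 2>/dev/null || return 1
    is_zeroed "$target"
}

# 'lvcreate && dd': zero a new LV before it is handed to a user.
create_clean_lv() {   # usage: create_clean_lv VG NAME SIZE
    lvcreate -L "$3" -n "$2" "$1" || return 1
    wipe_and_verify "/dev/$1/$2"
}

# 'lvconvert --splitsnapshot' then dd: detach the snapshot's COW store into
# a standalone LV, zero it, and only then remove it.
scrub_snapshot() {    # usage: scrub_snapshot VG SNAPSHOT
    lvconvert --splitsnapshot "$1/$2" || return 1
    lvchange -ay "$1/$2" || return 1
    wipe_and_verify "/dev/$1/$2" || return 1
    lvremove -y "$1/$2"
}
```

The read-back in `is_zeroed` is what turns the overwrite into a checked step: a short write or a wrong device path shows up as a non-zero return instead of passing silently.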


