Subject: Re: FFS reliability problems
To: Gary Thorpe <gat7634@hotmail.com>
From: Greg A. Woods <woods@weird.com>
List: tech-kern
Date: 06/07/2002 14:40:35
[ On Friday, June 7, 2002 at 13:35:38 (-0400), Gary Thorpe wrote: ]
> Subject: Re: FFS reliability problems
>
> That sounds simple and appropriate but it does not guarantee that the file's 
> old data is not recoverable. As hypothesized, the system may crash before 
> data is written to the disk in the overwrite phase. I am just asking if 
> something like this is possible to implement and maybe suggestions on how it 
> would be done?

Don't make it readable by anyone else (but the superuser, of course) in
the first place if you don't want other people to read it.  Whether or
not the file is "recovered" by fsck following a crash is irrelevant.
There's always a race condition between the creation of the file and the
unlinking of it, and this is a far more worrisome time than being afraid
its contents will still live on after a crash!

	fd = creat("my_precious_temp_file", 0600);
	unlink("my_precious_temp_file");

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods@acm.org>;  <g.a.woods@ieee.org>;  <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>
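The creat()+unlink() idiom in the message above, as an added example that is not code from the original post: it opens the file with mode 0600, unlinks the name immediately, and then checks that the data is reachable only through the descriptor. Two things it does beyond the two lines in the message are assumptions on my part, not something the message states: it forces the umask to 077 for the duration of the open so the 0600 mode actually holds for a caller with a permissive umask, and it passes O_EXCL so a file or symlink someone pre-placed at the path is refused (EEXIST) rather than truncated and reused. The path names and the "secret" string are constructed for the demonstration.

```c
/*
 * Added example (not from the tech-kern message): private temp file that
 * lives only behind an fd.  Assumes a writable directory for the path.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/*
 * Open a private temp file and unlink it at once.  Returns the fd, or -1
 * with errno set.  O_EXCL and the temporary umask(077) are hardening added
 * here; the message itself just uses creat(path, 0600) + unlink(path).
 */
int open_private_unlinked(const char *path)
{
    mode_t old = umask(077);                 /* make 0600 hold regardless of caller umask */
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
    int saved = errno;
    umask(old);
    if (fd < 0) {
        errno = saved;
        return -1;
    }
    /*
     * This is the window the message calls the worrisome one: the name exists
     * here.  It is 0600 and ours, so only root (or us) can open it by name.
     */
    if (unlink(path) != 0) {
        saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

/*
 * Write `secret` through the fd, then verify: the name no longer resolves,
 * the fd is still a 0600 regular file, and the data reads back intact.
 * Returns 1 on success, 0 on any failure.
 */
int private_file_roundtrip(const char *path, const char *secret)
{
    int fd = open_private_unlinked(path);
    if (fd < 0)
        return 0;
    size_t n = strlen(secret);
    if (write(fd, secret, n) != (ssize_t)n) { close(fd); return 0; }

    struct stat st;
    if (stat(path, &st) == 0 || errno != ENOENT) { close(fd); return 0; } /* name must be gone */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        (st.st_mode & 0777) != 0600) { close(fd); return 0; }        /* still private */

    char buf[256];
    if (lseek(fd, 0, SEEK_SET) != 0) { close(fd); return 0; }
    ssize_t r = read(fd, buf, sizeof buf - 1);
    close(fd);
    if (r != (ssize_t)n)
        return 0;
    buf[r] = '\0';
    return strcmp(buf, secret) == 0;
}

/*
 * Show what O_EXCL buys: if the name is already there (planted by someone
 * else, or a stale symlink), the open is refused instead of reusing it.
 * Returns 1 if the refusal happened with EEXIST.
 */
int refuses_existing(const char *path)
{
    int pre = open(path, O_WRONLY | O_CREAT, 0644);  /* constructed "planted" file */
    if (pre < 0)
        return 0;
    close(pre);
    int fd = open_private_unlinked(path);
    int refused = (fd < 0 && errno == EEXIST);
    if (fd >= 0)
        close(fd);
    unlink(path);
    return refused;
}

int main(void)
{
    int ok1 = private_file_roundtrip("/tmp/my_precious_temp_file", "hunter2\n");
    int ok2 = refuses_existing("/tmp/my_precious_temp_file.planted");
    printf("roundtrip=%d refuses_existing=%d\n", ok1, ok2);
    return (ok1 && ok2) ? 0 : 1;
}
```

Note that none of this addresses the on-disk question the quoted reply asks about: after a crash fsck may still recover the inode's blocks, which is exactly why the message says to rely on the 0600 mode rather than on the file having been unlinked.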