Wipe disk with zeros as part of delete instance files in Nova libvirt driver.
This is a specless blueprint as the proposed enhancement is minor with no API or DB updates.
Currently, in the Nova libvirt driver, the method delete_instance_files only uses shutil to remove the instance files. However, files removed this way can always be recovered, since the disk sectors are not properly wiped.
The use case is that when only rmtree or rm is used, anyone can later 'undelete' or recover the deleted files. The long-term solution is to overwrite them, which is not covered yet.
This will be remedied by overwriting with zeros. The relevant tests "test_delete_
Will target for Stein.
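A sketch of the zero-overwrite-then-remove behaviour proposed above, added here as an illustration; it is not Nova's code, and `zero_fill` and `wipe_tree` are hypothetical names. Writing zeros in place only reaches the original sectors when the filesystem and storage device rewrite blocks in place, which copy-on-write filesystems, thin provisioning and flash storage do not guarantee.

```python
import os

CHUNK = 1024 * 1024  # write zeros in 1 MiB chunks


def zero_fill(path):
    """Overwrite a regular file in place with zeros; return bytes written."""
    # O_WRONLY without O_TRUNC: truncating first would release the data
    # blocks to the filesystem before they have been overwritten.
    fd = os.open(path, os.O_WRONLY)
    try:
        remaining = os.fstat(fd).st_size
        written = 0
        zeros = bytes(CHUNK)
        while remaining > 0:
            n = os.write(fd, zeros[:min(CHUNK, remaining)])
            written += n
            remaining -= n
        os.fsync(fd)  # push the zeros out of the page cache before unlinking
    finally:
        os.close(fd)
    return written


def wipe_tree(root):
    """Zero every regular file under root, then remove the tree.

    Returns the total number of bytes overwritten.
    """
    total = 0
    # Bottom-up walk so directories are empty by the time they are removed.
    for dirpath, dirnames, filenames in os.walk(root, topdown=False):
        for name in filenames:
            p = os.path.join(dirpath, name)
            # Check islink first: isfile() follows symlinks, and a link
            # target outside the tree must never be overwritten.
            if not os.path.islink(p) and os.path.isfile(p):
                total += zero_fill(p)
            os.unlink(p)
        for name in dirnames:
            p = os.path.join(dirpath, name)
            if os.path.islink(p):
                os.unlink(p)  # symlink to a directory: drop the link only
            else:
                os.rmdir(p)
    os.rmdir(root)
    return total
```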
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Uday T Kumar
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Discussion
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
Whiteboard
As discussed on the #openstack-nova channel, this is being proposed for Stein.
We discussed this at the PTG [1] and the agreement was that doing this would not provide you any security guarantees. That is, anyone examining the host while the instance file is in use could read it. If you need security for your instance files, you should look at using encrypted lvm volumes.
So, we are not going to approve this blueprint. -- melwitt 20180914