"secure" file flag?

[StefanEßer]

On 2003-11-23 18:04 +0100, Poul-Henning Kamp <phk at phk.freebsd.dk> wrote:
> 1.  Look for BIO_DELETE in the kernel.

Seems that BIO_DELETE isn't really supported anymore
(according to a comment in your GEOM sources ;-)

AFAICT, BIO_DELETE can't easily be made a long running 
operation (taking tens of revolutions of a disk media)
without really hurting performance because of assumptions
that it will take about the same time as BIO_WRITE ...

> 2.  Use GBDE or other encryption.

Yes, probably. But encryption is only as good as key
management and secure storage (and deletion) of keys. 
How do you implement unattended reboot, if you consider
unauthorized (physical) access to your system as one 
of the attack scenarios to protect against ?
(Not meaning, that secure erase would really solve
that problem ...)

Regards, STefan