Zero out volumes during deletion to prevent data leaking between users

nova/volume/driver.py

@@ -112,6 +112,12 @@ class VolumeDriver(object):
             # If the volume isn't present, then don't attempt to delete
             return True
 
+        # zero out old volumes to prevent data leaking between users
+        # TODO(ja): reclaiming space should be done lazy and low priority
+        self._execute('sudo', 'dd', 'if=/dev/zero',
+                      'of=%s' % self.local_path(volume),
+                      'count=%d' % (volume['size'] * 1024),
+                      'bs=1M')
         self._try_execute('sudo', 'lvremove', '-f', "%s/%s" %
                           (FLAGS.volume_group,
                            volume['name']))