Announcing: secure "rm" utility

bridged with qnx.rtos
Robert Krten

Announcing: secure "rm" utility

Post by Robert Krten » Wed Jan 28, 2004 1:56 am

When you "rm" a file from your filesystem, the file contents are still
available on the disk. To securely wipe out the file, you need the
"secure rm" utility. It can wipe a file all to zero before unlinking it:

srm -Xz filename

or, for the really security-minded individual, it can write multiple
copies of randomized garbage over the file before unlinking it:

srm -X8 filename

will write 8 different patterns of garbage over the file.

ALPHA version is available at:

http://www.parse.com/samples/manpages/srm.html

"srm" is intended to replace "rm".

Please report any bugs you may find.

Cheers,
-RK

--
[If replying via email, you'll need to click on the URL that's emailed to you
afterwards to forward the email to me -- spam filters and all that]
Robert Krten, PDP minicomputer collector http://www.parse.com/~pdp8/

John Garvey

Re: Announcing: secure "rm" utility

Post by John Garvey » Wed Jan 28, 2004 10:02 am

Robert Krten <rk@parse.com> wrote:
> When you "rm" a file from your filesystem, the file contents are still
> available on the disk. To securely wipe out the file, you need the
> "secure rm" utility. It can wipe a file all to zero before unlinking it:

Hmm, you mean like:

function srm
{
    # Zero the file (count = its block count as reported by ls -s), then unlink it
    dd if=/dev/zero of="$1" count=`echo \`ls -s "$1"\` | cut -f1 -d ' '` 2>/dev/null && rm "$1"
}

Robert Krten

Re: Announcing: secure "rm" utility

Post by Robert Krten » Wed Jan 28, 2004 1:31 pm

John Garvey <jgarvey@qnx.com> wrote:
> Robert Krten <rk@parse.com> wrote:
>> When you "rm" a file from your filesystem, the file contents are still
>> available on the disk. To securely wipe out the file, you need the
>> "secure rm" utility. It can wipe a file all to zero before unlinking it:
>
> Hmm, you mean like:
>
> function srm
> {
> dd if=/dev/zero of=$1 count=`echo \`ls -s $1\` | cut -f1 -d ' '` 2>/dev/null && rm $1
> }

And then do the randomization part, and then do the recursive part, and then
do the part where you don't zero out files that are in use, or that have more
than one link, and then the part where you descend only N levels deep, and, yah,
sure, you can do it all in a shell script. Or you can write a small C program
and call it "srm" :-)

Cheers,
-RK

--
[If replying via email, you'll need to click on the URL that's emailed to you
afterwards to forward the email to me -- spam filters and all that]
Robert Krten, PDP minicomputer collector http://www.parse.com/~pdp8/
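
The checks listed in the post above (overwrite in place, optional random passes, skip files with more than one link), as an added example that is not part of the thread and is not the srm source. The function names overwrite_file and srm_file are hypothetical, and /dev/urandom is assumed as the source of random data.

```c
/* Added example: in-place overwrite, then unlink (not the srm source). */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Overwrite every byte of path in place. passes == 0 writes one pass of
 * zeros; passes > 0 writes that many passes of data from /dev/urandom. */
int overwrite_file(const char *path, int passes)
{
    struct stat st;
    unsigned char buf[4096];
    int fd = open(path, O_WRONLY);          /* no O_TRUNC: keep the same blocks */
    int rnd = passes > 0 ? open("/dev/urandom", O_RDONLY) : -1;
    int rc = (fd < 0 || fstat(fd, &st) < 0 || (passes > 0 && rnd < 0)) ? -1 : 0;

    for (int p = 0; rc == 0 && p < (passes > 0 ? passes : 1); p++) {
        if (lseek(fd, 0, SEEK_SET) < 0) rc = -1;
        for (off_t left = st.st_size; rc == 0 && left > 0; ) {
            size_t n = left < (off_t)sizeof buf ? (size_t)left : sizeof buf;
            if (passes > 0) { if (read(rnd, buf, n) != (ssize_t)n) rc = -1; }
            else memset(buf, 0, n);
            if (rc == 0 && write(fd, buf, n) != (ssize_t)n) rc = -1;
            left -= (off_t)n;
        }
        if (rc == 0 && fsync(fd) < 0) rc = -1;   /* push this pass to disk */
    }
    if (rnd >= 0) close(rnd);
    if (fd >= 0) close(fd);
    return rc;
}

/* Wipe then unlink. Refuses anything that is not a regular file, and any
 * file with more than one link, because the other names still refer to
 * the same data and overwriting would destroy it for them too. */
int srm_file(const char *path, int passes)
{
    struct stat st;
    if (lstat(path, &st) < 0 || !S_ISREG(st.st_mode) || st.st_nlink > 1)
        return -1;
    if (overwrite_file(path, passes) < 0)
        return -1;
    return unlink(path);
}
```

Overwriting in place only reaches the old data on filesystems that rewrite blocks where they are; journaling, copy-on-write and flash wear-levelling can leave earlier copies elsewhere on the device.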

Chris McKillop

Re: Announcing: secure "rm" utility

Post by Chris McKillop » Wed Jan 28, 2004 6:32 pm

Robert Krten <rk@parse.com> wrote:
> John Garvey <jgarvey@qnx.com> wrote:
>> Robert Krten <rk@parse.com> wrote:
>>> When you "rm" a file from your filesystem, the file contents are still
>>> available on the disk. To securely wipe out the file, you need the
>>> "secure rm" utility. It can wipe a file all to zero before unlinking it:
>>
>> Hmm, you mean like:
>>
>> function srm
>> {
>> dd if=/dev/zero of=$1 count=`echo \`ls -s $1\` | cut -f1 -d ' '` 2>/dev/null && rm $1
>> }
>
> And then do the randomization part, and then do the recursive part, and then
> do the part where you don't zero out files that are in use, or that have more
> than one link, and then the part where you descend only N levels deep, and, yah,
> sure, you can do it all in a shell script. Or you can write a small C program
> and call it "srm" :-)

The random case is pretty easy, just access /dev/random instead of /dev/zero. :)

chris

--
Chris McKillop <cdm@qnx.com> "The faster I go, the behinder I get."
Software Engineer, QSSL -- Lewis Carroll --
http://qnx.wox.org/

Robert Krten

Re: Announcing: secure "rm" utility

Post by Robert Krten » Wed Jan 28, 2004 8:24 pm

Chris McKillop <cdm@qnx.com> wrote:
> Robert Krten <rk@parse.com> wrote:
>> John Garvey <jgarvey@qnx.com> wrote:
>>> Robert Krten <rk@parse.com> wrote:
>>>> When you "rm" a file from your filesystem, the file contents are still
>>>> available on the disk. To securely wipe out the file, you need the
>>>> "secure rm" utility. It can wipe a file all to zero before unlinking it:
>>>
>>> Hmm, you mean like:
>>>
>>> function srm
>>> {
>>> dd if=/dev/zero of=$1 count=`echo \`ls -s $1\` | cut -f1 -d ' '` 2>/dev/null && rm $1
>>> }
>>
>> And then do the randomization part, and then do the recursive part, and then
>> do the part where you don't zero out files that are in use, or that have more
>> than one link, and then the part where you descend only N levels deep, and, yah,
>> sure, you can do it all in a shell script. Or you can write a small C program
>> and call it "srm" :-)
>
> The random case is pretty easy, just access /dev/random instead of /dev/zero. :)

Hey, quit picking on me! :-) The *whole thing* is easy, it's just a "simple matter
of programming" to go and actually do it! Heck, a filesystem or an operating system
is easy too :-) :-)

Cheers,
-RK

--
[If replying via email, you'll need to click on the URL that's emailed to you
afterwards to forward the email to me -- spam filters and all that]
Robert Krten, PDP minicomputer collector http://www.parse.com/~pdp8/

Chris McKillop

Re: Announcing: secure "rm" utility

Post by Chris McKillop » Wed Jan 28, 2004 9:29 pm

> Hey, quit picking on me! :-)

Shucks - do we have to? :)

chris

--
Chris McKillop <cdm@qnx.com> "The faster I go, the behinder I get."
Software Engineer, QSSL -- Lewis Carroll --
http://qnx.wox.org/

Rick Duff

Re: Announcing: secure "rm" utility

Post by Rick Duff » Wed Jan 28, 2004 10:38 pm

Robert Krten wrote:
> Hey, quit picking on me! :-) The *whole thing* is easy, it's just a "simple matter
> of programming" to go and actually do it! Heck, a filesystem or an operating system
> is easy too :-) :-)

But Rob, who else can we pick on? :-)

Besides if I pick on you in email, I have to give my email address to
that data mining software you run on your mail server. ;-)


--
Rick Duff Internet: rick@astranetwork.com
Astra Network URL: http://www.astranetwork.com
QNX Consulting and Custom Programming Phone: +1 (204) 997-NETW (6389)
