Announcing: secure "rm" utility

When you “rm” a file from your filesystem, the file contents are still
available on the disk. To securely wipe out the file, you need the
“secure rm” utility. It can wipe a file all to zero before unlinking it:

srm -Xz filename

or, for the really security-minded individual, it can write multiple
copies of randomized garbage over the file before unlinking it:

srm -X8 filename

will write 8 different patterns of garbage over the file.

ALPHA version is available at:

http://www.parse.com/samples/manpages/srm.html

“srm” is intended to replace “rm”.

Please report any bugs you may find.

Cheers,
-RK


[If replying via email, you’ll need to click on the URL that’s emailed to you
afterwards to forward the email to me – spam filters and all that]
Robert Krten, PDP minicomputer collector http://www.parse.com/~pdp8/

Robert Krten <rk@parse.com> wrote:

> When you “rm” a file from your filesystem, the file contents are still
> available on the disk. To securely wipe out the file, you need the
> “secure rm” utility. It can wipe a file all to zero before unlinking it:

Hmm, you mean like:

function srm
{
    dd if=/dev/zero of=$1 count=`echo \`ls -s $1\` | cut -f1 -d ' '` 2>/dev/null && rm $1
}

John Garvey <jgarvey@qnx.com> wrote:

> Robert Krten <rk@parse.com> wrote:
> > When you “rm” a file from your filesystem, the file contents are still
> > available on the disk. To securely wipe out the file, you need the
> > “secure rm” utility. It can wipe a file all to zero before unlinking it:

> Hmm, you mean like:

> function srm
> {
>     dd if=/dev/zero of=$1 count=`echo \`ls -s $1\` | cut -f1 -d ' '` 2>/dev/null && rm $1
> }

And then do the randomization part, and then do the recursive part, and then
do the part where you don’t zero out files that are in use, or that have more
than one link, and then the part where you descend only N levels deep, and, yah,
sure, you can do it all in a shell script. Or you can write a small C program
and call it “srm” :-)

Cheers,
-RK


[If replying via email, you’ll need to click on the URL that’s emailed to you
afterwards to forward the email to me – spam filters and all that]
Robert Krten, PDP minicomputer collector http://www.parse.com/~pdp8/
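
The following C example is added here and is not srm's source or code from anyone in the thread: it overwrites a file in place before unlinking it and refuses files that are not regular or that have more than one link, two of the cases listed in the reply above. The function names, the return codes and the use of rand() as the garbage source are assumptions of this example.

```c
/* Added example (not srm's source): overwrite a file in place, then unlink it. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* One overwrite pass of len bytes from offset 0; pattern < 0 means garbage bytes. */
static int wipe_pass(int fd, off_t len, int pattern)
{
    unsigned char buf[4096];
    if (lseek(fd, 0, SEEK_SET) < 0) return -1;
    while (len > 0) {
        size_t n = len < (off_t)sizeof buf ? (size_t)len : sizeof buf;
        if (pattern < 0)   /* rand() is a stand-in for a real random source */
            for (size_t i = 0; i < n; i++) buf[i] = (unsigned char)rand();
        else memset(buf, pattern, n);
        ssize_t w = write(fd, buf, n);
        if (w <= 0) return -1;
        len -= w;
    }
    return fsync(fd);   /* push this pass to the device before the next one */
}

/* Returns 0 on success, -1 on I/O error, -2 if the file is refused. */
int wipe_and_unlink(const char *path, int random_passes, int final_zero)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_NOFOLLOW);   /* no O_TRUNC: keep the same blocks */
    if (fd < 0) return -1;
    if (fstat(fd, &st) < 0) { close(fd); return -1; }
    if (!S_ISREG(st.st_mode) || st.st_nlink != 1) {   /* not a plain file, or other links exist */
        close(fd);
        return -2;
    }
    int rc = 0;
    for (int i = 0; rc == 0 && i < random_passes; i++) rc = wipe_pass(fd, st.st_size, -1);
    if (rc == 0 && final_zero) rc = wipe_pass(fd, st.st_size, 0);
    close(fd);
    if (rc != 0) return -1;   /* leave the file in place if any pass failed */
    return unlink(path) == 0 ? 0 : -1;
}
```

Overwriting in place only reaches the original data on filesystems that update blocks in place; copy-on-write or log-structured filesystems and flash translation layers can leave old copies behind.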

Robert Krten <rk@parse.com> wrote:

> John Garvey <jgarvey@qnx.com> wrote:
> > Robert Krten <rk@parse.com> wrote:
> > > When you “rm” a file from your filesystem, the file contents are still
> > > available on the disk. To securely wipe out the file, you need the
> > > “secure rm” utility. It can wipe a file all to zero before unlinking it:

> > Hmm, you mean like:

> > function srm
> > {
> >     dd if=/dev/zero of=$1 count=`echo \`ls -s $1\` | cut -f1 -d ' '` 2>/dev/null && rm $1
> > }

> And then do the randomization part, and then do the recursive part, and then
> do the part where you don’t zero out files that are in use, or that have more
> than one link, and then the part where you descend only N levels deep, and, yah,
> sure, you can do it all in a shell script. Or you can write a small C program
> and call it “srm” :-)

The random case is pretty easy, just access /dev/random instead of /dev/zero. :-)

chris


Chris McKillop <cdm@qnx.com>
Software Engineer, QSSL
“The faster I go, the behinder I get.” – Lewis Carroll –
http://qnx.wox.org/

Chris McKillop <cdm@qnx.com> wrote:

> Robert Krten <rk@parse.com> wrote:
> > John Garvey <jgarvey@qnx.com> wrote:
> > > Robert Krten <rk@parse.com> wrote:
> > > > When you “rm” a file from your filesystem, the file contents are still
> > > > available on the disk. To securely wipe out the file, you need the
> > > > “secure rm” utility. It can wipe a file all to zero before unlinking it:

> > > Hmm, you mean like:

> > > function srm
> > > {
> > >     dd if=/dev/zero of=$1 count=`echo \`ls -s $1\` | cut -f1 -d ' '` 2>/dev/null && rm $1
> > > }

> > And then do the randomization part, and then do the recursive part, and then
> > do the part where you don’t zero out files that are in use, or that have more
> > than one link, and then the part where you descend only N levels deep, and, yah,
> > sure, you can do it all in a shell script. Or you can write a small C program
> > and call it “srm” :-)

> The random case is pretty easy, just access /dev/random instead of /dev/zero. :-)

Hey, quit picking on me! :-) The whole thing is easy, it’s just a “simple matter
of programming” to go and actually do it! Heck, a filesystem or an operating system
is easy too :-) :-)

Cheers,
-RK


[If replying via email, you’ll need to click on the URL that’s emailed to you
afterwards to forward the email to me – spam filters and all that]
Robert Krten, PDP minicomputer collector http://www.parse.com/~pdp8/

> Hey, quit picking on me! :-)

Shucks - do we have to? :-)

chris


Chris McKillop <cdm@qnx.com>
Software Engineer, QSSL
“The faster I go, the behinder I get.” – Lewis Carroll –
http://qnx.wox.org/

Robert Krten wrote:

> Hey, quit picking on me! :-) The whole thing is easy, it’s just a “simple matter
> of programming” to go and actually do it! Heck, a filesystem or an operating system
> is easy too :-) :-)

But Rob, who else can we pick on? :-)

Besides if I pick on you in email, I have to give my email address to
that data mining software you run on your mail server. ;-)


Rick Duff Internet: rick@astranetwork.com
Astra Network URL: http://www.astranetwork.com
QNX Consulting and Custom Programming Phone: +1 (204) 997-NETW (6389)