Don Schmadel wrote:
> What does the program "shred" do in this regard?
>
> -Don
>

I haven't used shred before, but doing a bit of quick research on it shows the following:

shred relies on a very important assumption: that the filesystem overwrites data in place. This is the traditional way to do things, but many modern filesystem designs do not satisfy this assumption. The following are examples of filesystems on which shred is not effective:

* log-structured or journaled filesystems, such as those supplied with AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
* filesystems that write redundant data and carry on even if some writes fail, such as RAID-based filesystems
* filesystems that make snapshots, such as Network Appliance's NFS server
* filesystems that cache in temporary locations, such as NFS version 3 clients
* compressed filesystems

-----

So it looks like shred is a legacy command that's kept around for use on older filesystems - but current filesystems do not work with it. I'm not familiar enough with the internals of those filesystems to say how you'd write a secure delete program for it, but I'd imagine it would probably have to run in-kernel (or at least have hooks to the kernel) to have direct access to the filesystem buffers - so it can do "write-in-place" and be able to remove all traces without the operating system rearranging things behind the scenes. Of course, I may be wrong - I'm just not familiar enough with secure delete programs to say for sure.

Joe
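
The filesystem list quoted in the message above can be turned into a pre-check before relying on shred. This is an added example, not part of the original message or of shred itself: it resolves which mount a path lives on and flags the filesystem types that list names. The function names, the type-to-reason table and the sample mount table are constructed for illustration.

```python
import posixpath

# Types named in the list quoted above, with the reason given there. RAID,
# snapshot and compression layers do not show in the type field: not covered.
NOT_IN_PLACE = {"jfs": "journaled", "reiserfs": "journaled", "xfs": "journaled",
                "ext3": "journaled", "nfs": "client caches in temporary locations"}

# Constructed sample in /proc/mounts format: device, mount point, type, options.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext2 rw 0 0
/dev/sda2 /home ext3 rw 0 0
/dev/sdb1 /home/joe/My\\040Files xfs rw 0 0
filer:/export /mnt/filer nfs rw,vers=3 0 0
"""

def _unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as octal escapes.
    for code, char in (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\")):
        field = field.replace(code, char)
    return field

def filesystem_for(path, mounts_text):
    """Return (mount_point, fstype) for the deepest mount containing path, or None."""
    path = posixpath.normpath(path)
    best = None
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue
        mount_point, fstype = _unescape(fields[1]), fields[2]
        # Match on a path-component boundary so /homework is not under /home.
        inside = path == mount_point or path.startswith(mount_point.rstrip("/") + "/")
        # >= lets a later mount on the same point shadow an earlier one.
        if inside and (best is None or len(mount_point) >= len(best[0])):
            best = (mount_point, fstype)
    return best

def shred_caveat(path, mounts_text):
    """Return a warning if the quoted list covers the path's filesystem, else None."""
    found = filesystem_for(path, mounts_text)
    if found is None:
        return f"{path}: no mount entry found, filesystem unknown"
    mount_point, fstype = found
    if fstype not in NOT_IN_PLACE:
        return None
    return (f"{path}: {fstype} on {mount_point} ({NOT_IN_PLACE[fstype]}); "
            "an overwrite may not land on the original blocks")
```

On a live Linux system the second argument would be the contents of /proc/mounts.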
