Do you really think that just doing rm "your file name" will remove the file completely? if YES you need to read this blog till end.
just do a
rm --help
and see the information, you will see a note there like this
this note suggests to use the shred command so do I did
shred --help
This seems like a good note and I was relaxed that my file will be removed completely now or at least will be harder to recover. and made my mind to use shred instead of rm from now but wait got this CAUTION in the end.
at last I red a few blogs but could not find a command which does the JOB, can anyone suggest a better command than these two or a way to remove the file as I have some important credentials file which I need to remove completely ?
Tell me in your answers here.
Top comments (10)
In most cases rm is sufficient, when the file is not confidential.. So, when using rm, memory is freed and will be overwritten eventually. Why would I use shred if the file itself is not confidential?
@christiankozalla that's what my point is, if the file is *confidential * then what should be the best approach to deal with it?
I'd treat the confidentiality as a drive-wide problem.
When I used to work with different levels of clearance, we'd store stuff on removable media, and it was colour-coded - black for general, green for confidential, pink for secret.
You weren't allowed to copy a secret file onto a confidential drive, or if you did, that drive would become "secret" from that point on and need to change colour. In practice this didn't happen because we were using coloured plastic shells which couldn't be replaced and not stickers, but there were sticker-based ways of working too.
The problem is that if you have a confidential document and open it in, say, a word processor, it's highly likely that portions of that file or its entire contents will be saved in various temporary storage as the application works.
Shredding the original file doesn't mean there aren't copies of it in other, unrelated places on the drive. SSDs will rotate the areas they write to every time as well.
This becomes even more of a problem when you're using a swap file or scratch space on a different drive.
tl;dr: treat the whole drive as confidential, wipe it completely (i.e. overwrite every sector) if you want to start over.
Oh, sorry. I didn't understand your post this way. Just thought, you mean one should always use shred instead of rm - from this particular line:
"and made my mind to use shred instead of rm from now"
My advice would simply be to never store credentials on a normal filesystem. When you must store credentials on a filesystem, use encryption for the file individually.
Never trust your filesystem alone with sensitive information.
"Never trust your filesystem alone with sensitive information " -> that's a great point
Your credentials file will be loaded into memory at some point and quite possibly saved back out as part of a swap file or temporary storage. If you have a file you want to delete permanently you should overwrite the entire contents of the drive. If it's really important, you should physically destroy the drive.
You should use either file level encryption (like gpg) or partition level encryption (like cryptsetup) if you are paranoïd enough about the content of some files.
ya that's a good option using a key and removing the key later.
Smash a hole in your hard drive 😅