DEV Community

Adarsh Goyal
Adarsh Goyal

Posted on

rm command removes the file, really?

Do you really think that just doing rm "your file name" will remove the file completely? if YES you need to read this blog till end.

just do a

rm --help
Enter fullscreen mode Exit fullscreen mode

and see the information, you will see a note there like this

rm information

this note suggests to use the shred command so do I did

shred --help
Enter fullscreen mode Exit fullscreen mode

shred info

This seems like a good note and I was relaxed that my file will be removed completely now or at least will be harder to recover. and made my mind to use shred instead of rm from now but wait got this CAUTION in the end.

shred cautuion

at last I red a few blogs but could not find a command which does the JOB, can anyone suggest a better command than these two or a way to remove the file as I have some important credentials file which I need to remove completely ?

Tell me in your answers here.

Top comments (10)

Collapse
 
christiankozalla profile image
Christian Kozalla

In most cases rm is sufficient, when the file is not confidential.. So, when using rm, memory is freed and will be overwritten eventually. Why would I use shred if the file itself is not confidential?

Collapse
 
adarshgoyal profile image
Adarsh Goyal

@christiankozalla that's what my point is, if the file is *confidential * then what should be the best approach to deal with it?

Collapse
 
moopet profile image
Ben Sinclair

I'd treat the confidentiality as a drive-wide problem.

When I used to work with different levels of clearance, we'd store stuff on removable media, and it was colour-coded - black for general, green for confidential, pink for secret.

You weren't allowed to copy a secret file onto a confidential drive, or if you did, that drive would become "secret" from that point on and need to change colour. In practice this didn't happen because we were using coloured plastic shells which couldn't be replaced and not stickers, but there were sticker-based ways of working too.

The problem is that if you have a confidential document and open it in, say, a word processor, it's highly likely that portions of that file or its entire contents will be saved in various temporary storage as the application works.

Shredding the original file doesn't mean there aren't copies of it in other, unrelated places on the drive. SSDs will rotate the areas they write to every time as well.

This becomes even more of a problem when you're using a swap file or scratch space on a different drive.

tl;dr: treat the whole drive as confidential, wipe it completely (i.e. overwrite every sector) if you want to start over.

Collapse
 
christiankozalla profile image
Christian Kozalla

Oh, sorry. I didn't understand your post this way. Just thought, you mean one should always use shred instead of rm - from this particular line:

"and made my mind to use shred instead of rm from now"

Collapse
 
manchicken profile image
Mike Stemle

My advice would simply be to never store credentials on a normal filesystem. When you must store credentials on a filesystem, use encryption for the file individually.

Never trust your filesystem alone with sensitive information.

Collapse
 
adarshgoyal profile image
Adarsh Goyal

"Never trust your filesystem alone with sensitive information " -> that's a great point

Collapse
 
moopet profile image
Ben Sinclair

Your credentials file will be loaded into memory at some point and quite possibly saved back out as part of a swap file or temporary storage. If you have a file you want to delete permanently you should overwrite the entire contents of the drive. If it's really important, you should physically destroy the drive.

Collapse
 
ecyrbe profile image
ecyrbe

You should use either file level encryption (like gpg) or partition level encryption (like cryptsetup) if you are paranoïd enough about the content of some files.

Collapse
 
adarshgoyal profile image
Adarsh Goyal

ya that's a good option using a key and removing the key later.

Collapse
 
mikgross profile image
Mikael

Smash a hole in your hard drive 😅