LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-31-2015, 08:05 PM   #1
d9esco
LQ Newbie
 
Registered: Aug 2015
Posts: 12

Rep: Reputation: Disabled
Secure Deleting Files in Linux? Overwriting files with bits to secure erase?


Is there an option on Linux other than shred that will overwrite data?
The shred command only works for specific files and not the entire contents of folders. Id rather have the option integrated in the shell so the options given as you actually right click a/multiple file/folders.
 
Old 08-31-2015, 10:11 PM   #2
Beryllos
Member
 
Registered: Apr 2013
Location: Massachusetts
Distribution: Debian
Posts: 304

Rep: Reputation: 121Reputation: 121
You can make shred work on all files in a directory like this:
Code:
find /target/directory -type f -exec shred --zero --remove {} \;
 
Old 08-31-2015, 10:15 PM   #3
Ztcoracat
LQ Guru
 
Registered: Dec 2011
Distribution: Slackware
Posts: 6,371
Blog Entries: 6

Rep: Reputation: Disabled
Hi:

I've never tried overwrite with mv or copy but these links should help.
See man overwrite-

http://linux.die.net/man/3/overwrite
http://www.rapidtables.com/code/linu...-overwrite.htm

You need to pass the -i option to cp. It will prompt the user if file already existing in a destination directory so that file would be overwritten with confirmation:
http://www.cyberciti.biz/faq/cp-copy...unix-examples/

http://superuser.com/questions/41446...ile-using-echo

---------- Post added 08-31-15 at 10:16 PM ----------

Quote:
Originally Posted by Beryllos View Post
You can make shred work on all files in a directory like this:
Code:
find /target/directory -type f -exec shred --zero --remove {} \;
Thanks-
 
Old 08-31-2015, 10:48 PM   #4
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 2,957

Rep: Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267
Quote:
Originally Posted by Ztcoracat View Post
You need to pass the -i option to cp. It will prompt the user if file already existing in a destination directory so that file would be overwritten with confirmation
The only thing the "-i" option does is prompt the user for confirmation before writing to an existing file. It does not otherwise affect the operation of cp. There is absolutly no assurance that the same data blocks previously allocated to the file will be written with the new data. The first thing that cp does with the file is open it with the O_WRONLY and O_TRUNC options, which will truncate the file to zero length, deallocating the blocks it was using. As data is written, blocks will be allocated to receive it, but not necessarily the same blocks. For some filesystems, the allocator might well pick the blocks that were just freed, but that is not assured.

The shred command, and others like it, attempt to overwrite the same blocks by opening the file without the O_TRUNC option, but even then not all filesystems will perform the writes to the same logical blocks. And for devices like SSDs and flash drives, even overwriting the same logical blocks will almost certainly not write to the same physical blocks on the device.
 
Old 08-31-2015, 11:10 PM   #5
Ztcoracat
LQ Guru
 
Registered: Dec 2011
Distribution: Slackware
Posts: 6,371
Blog Entries: 6

Rep: Reputation: Disabled
Quote:
Originally Posted by rknichols View Post
The only thing the "-i" option does is prompt the user for confirmation before writing to an existing file. It does not otherwise affect the operation of cp. There is absolutly no assurance that the same data blocks previously allocated to the file will be written with the new data. The first thing that cp does with the file is open it with the O_WRONLY and O_TRUNC options, which will truncate the file to zero length, deallocating the blocks it was using. As data is written, blocks will be allocated to receive it, but not necessarily the same blocks. For some filesystems, the allocator might well pick the blocks that were just freed, but that is not assured.

The shred command, and others like it, attempt to overwrite the same blocks by opening the file without the O_TRUNC option, but even then not all filesystems will perform the writes to the same logical blocks. And for devices like SSDs and flash drives, even overwriting the same logical blocks will almost certainly not write to the same physical blocks on the device.
In that case; what method of cmd practice gives assurance that overwrite will be a sucess?
 
Old 08-31-2015, 11:16 PM   #6
Ztcoracat
LQ Guru
 
Registered: Dec 2011
Distribution: Slackware
Posts: 6,371
Blog Entries: 6

Rep: Reputation: Disabled
In this article you can force cp to overwrite w/o confirmation.
http://stackoverflow.com/questions/8...t-confirmation

Is this a bad practice rknichols?
 
Old 09-01-2015, 09:57 AM   #7
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: CentOS
Posts: 2,957

Rep: Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267Reputation: 1267
Quote:
Originally Posted by Ztcoracat View Post
In this article you can force cp to overwrite w/o confirmation.
http://stackoverflow.com/questions/8...t-confirmation

Is this a bad practice rknichols?
You can make cp replace an existing file without confirmation. In fact, that's what it does by default unless you have "cp" aliased to "cp -i". There is nothing you can do to ensure that cp will securely overwrite the disk blocks used by an existing file.
 
Old 09-01-2015, 08:17 PM   #8
Ztcoracat
LQ Guru
 
Registered: Dec 2011
Distribution: Slackware
Posts: 6,371
Blog Entries: 6

Rep: Reputation: Disabled
Quote:
Originally Posted by rknichols View Post
You can make cp replace an existing file without confirmation. In fact, that's what it does by default unless you have "cp" aliased to "cp -i". There is nothing you can do to ensure that cp will securely overwrite the disk blocks used by an existing file.
I understand now-

Thanks-
 
Old 09-01-2015, 11:30 PM   #9
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,817

Rep: Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408
i have liked the Debian "srm" for years
it builds on Fedora on rhel and is in the Opensuse base packages

Code:
srm --help

Usage: srm [OPTION]... [FILE]...
Overwrite and remove (unlink) the files.

  -d, --directory       ignored (for compatability with rm(1))
  -f, --force           ignore nonexistant files, never prompt
  -i, --interactive     prompt before any removal
  -x, --one-file-system do not cross file system boundaries
  -s, --simple          overwrite with single pass using 0x00
  -P, --openbsd         overwrite with three passes like OpenBSD rm
  -D, --dod             overwrite with 7 US DoD compliant passes
  -E, --doe             overwrite with 3 US DoE compliant passes
  -r, -R, --recursive   remove the contents of directories
  -v, --verbose         explain what is being done
  -h, --help            display this help and exit
  -V, --version         display version information and exit

BUT!!! and it is a VERY BIG BUTT

modern file systems might not write the data to the exact same sector

however there is a work around " dd"
you use it to make one honking HUGE file in the partition using rand or zero

for the root " / " partition
Code:
su -
dd  if=/dev/zero of=/BIG_FILE.bin
and use the mount point for other partitions
"of=/dev/hdc2/BIG_FILE.bin "

Last edited by John VV; 09-01-2015 at 11:39 PM.
 
Old 09-02-2015, 11:18 AM   #10
hortageno
Member
 
Registered: Aug 2015
Distribution: Ubuntu 14.04 LTS
Posts: 230

Rep: Reputation: 65
Quote:
Originally Posted by John VV View Post
and use the mount point for other partitions
"of=/dev/hdc2/BIG_FILE.bin "
What do you mean by that? You can't write to /dev/hdc2/BIG_FILE.bin
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Most secure way to automatically copy files from Linux to Windows? pingu Linux - Security 3 03-25-2012 04:22 PM
How do I use the dd command to do a secure erase using Try Ubuntu? php111 Linux - Newbie 10 10-15-2011 10:26 PM
hdparm secure erase dman777 Linux - General 5 01-13-2011 05:28 PM
Secure erase HDD from within itself paddyrooney Linux - Security 4 12-16-2009 05:20 PM
Secure Erase Tool? subaruwrx General 5 08-14-2004 11:51 PM


All times are GMT -5. The time now is 12:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration