 
Dirge
Gerbil Jedi
Topic Author
Posts: 1620
Joined: Thu Feb 19, 2004 3:08 am

Shred command

Sat Dec 13, 2008 7:40 am

I want to shred some personal files and wonder if there is any way to shred a directory and its subdirectories recursively?

The error I get when I try the command below under Ubuntu 8.10 is "shred: filename/: failed to open for writing: Is a directory"
shred -n 3 -vuz filename
Last edited by Dirge on Sat Dec 13, 2008 7:50 am, edited 2 times in total.
FDISK /MBR
 
Dirge
Gerbil Jedi
Topic Author
Posts: 1620
Joined: Thu Feb 19, 2004 3:08 am

Re: Shred command

Sat Dec 13, 2008 7:48 am

To answer my own question, it seems shred doesn't support recursion. http://www.slac.stanford.edu/comp/unix/secure-erase.html#EraseFiles

In case anyone cares, a scary thing I just found is this warning from the same site.

Warning: shred follows symbolic links, which can have surprising and probably unintended results. Make sure you only list regular files on the command line.
FDISK /MBR
 
notfred
Maximum Gerbil
Posts: 4610
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Shred command

Sat Dec 13, 2008 10:55 am

shred is probably not going to do what you want it to do as I suspect you are running a modern file system.
manpage wrote:
CAUTION: Note that shred relies on a very important assumption: that
the file system overwrites data in place. This is the traditional way
to do things, but many modern file system designs do not satisfy this
assumption. The following are examples of file systems on which shred
is not effective, or is not guaranteed to be effective in all file
system modes:

* log-structured or journaled file systems, such as those supplied with
AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
 
just brew it!
Administrator
Posts: 54500
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Shred command

Sat Dec 13, 2008 1:14 pm

As notfred notes, shred probably isn't doing what you think it is if you're running a journaling file system (ext3, jfs, ntfs, etc.). To be truly effective at removing all traces of the sensitive data, you would need to shred the entire raw partition and reformat.

If you're intent on using it anyway, using the find command to recurse through the directory tree and invoke shred is the way to do it. But all you'd really be doing is giving yourself a false sense of security.
Nostalgia isn't what it used to be.
 
Dirge
Gerbil Jedi
Topic Author
Posts: 1620
Joined: Thu Feb 19, 2004 3:08 am

Re: Shred command

Sat Dec 13, 2008 5:17 pm

Thanks for the heads up before I start wasting my time with that command. I don't want to compromise myself with a false sense of security either. I found shred mentioned in Linux Server Hacks, Volume Two but saw no mention of the drawbacks.
FDISK /MBR
 
notfred
Maximum Gerbil
Posts: 4610
Joined: Tue Aug 10, 2004 10:10 am
Location: Ottawa, Canada

Re: Shred command

Sat Dec 13, 2008 5:45 pm

If you really want to be sure that something is gone then I would DBAN the drive (after backing up anything that you cared about on that drive). I do that on any old hard drives before I recycle them.
 
Dirge
Gerbil Jedi
Topic Author
Posts: 1620
Joined: Thu Feb 19, 2004 3:08 am

Re: Shred command

Sat Dec 13, 2008 5:57 pm

Yup, I have a copy of DBAN for just such an occasion.
FDISK /MBR
 
just brew it!
Administrator
Posts: 54500
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Shred command

Sun Dec 14, 2008 12:00 pm

Looks like notfred and I may have jumped the gun a bit. If you're using ext3 with default settings, shred may still be of some value:
shred man page wrote:
In the case of ext3 file systems, the above disclaimer applies (and shred is thus of limited effectiveness) only in data=journal mode, which journals file data in addition to just metadata. In both the data=ordered (default) and data=writeback modes, shred works as usual. Ext3 journaling modes can be changed by adding the data=something option to the mount options for a particular file system in the /etc/fstab file, as documented in the mount man page (man mount).
Nostalgia isn't what it used to be.
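
Added example, not part of any post in this thread: a shell sketch of the find-based recursion suggested above, combined with the symlink warning and the ext3 data=journal caveat from the man page. The function names are hypothetical, GNU findutils is assumed for -empty, and only the ext3 case is checked, not the other file systems the man page caution lists.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the thread.

# Exit 0 if mount point $1 is ext3 mounted with data=journal, the mode in
# which the man page says shred is of limited effectiveness.
# $2 is a mount table in /proc/mounts format (default: /proc/mounts).
is_data_journal() {
    awk -v mp="$1" '
        $2 == mp && $3 == "ext3" && $4 ~ /(^|,)data=journal(,|$)/ { found = 1 }
        END { exit !found }' "${2:-/proc/mounts}"
}

# Print what would be shredded under directory $1: regular files only.
# find does not follow symbolic links unless given -L, and -type f skips
# the links themselves, so shred is never handed a symlink to follow.
# -xdev keeps the walk on one file system.
list_targets() {
    find "$1" -xdev -type f -print
}

# Shred every regular file under $1 with the options from the first post,
# then remove the directories that are left empty.
# Assumes the mount point contains no whitespace (df -P column 6).
shred_tree() {
    mp=$(df -P "$1" | awk 'NR == 2 { print $6 }')
    if is_data_journal "$mp"; then
        echo "refusing: $mp is ext3 with data=journal" >&2
        return 1
    fi
    find "$1" -xdev -type f -exec shred -n 3 -vuz -- {} + &&
        find "$1" -xdev -depth -type d -empty -exec rmdir -- {} \;
}
```

Running list_targets on the directory first shows exactly which files shred_tree would overwrite; symlinks inside the tree are left in place and their targets are untouched.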
