Lib.rs

Cryptography
#command-line-tool #secure

bin+lib file_shred

Library and binary to securily delete files, overwriting and moving them before removal

by Mark Verleg

4 stable releases

1.1.3 Apr 28, 2023
1.1.2 Mar 26, 2023
1.1.0 Apr 18, 2020
1.0.0 Mar 29, 2020

#45 in #secure

Download history 94/week @ 2024-06-10 230/week @ 2024-06-17 89/week @ 2024-06-24 252/week @ 2024-07-01 139/week @ 2024-07-08 129/week @ 2024-07-15 145/week @ 2024-07-22 187/week @ 2024-07-29 111/week @ 2024-08-05 140/week @ 2024-08-12 157/week @ 2024-08-19 98/week @ 2024-08-26 128/week @ 2024-09-02 116/week @ 2024-09-09 146/week @ 2024-09-16 190/week @ 2024-09-23

580 downloads per month
Used in file_endec

BSD-3-Clause

32KB
801 lines

Tests

Dependencies

File shred

Command line utility that safely deletes files.

Functionality

  • Repeatedly overwrite the file content with random data and specific patterns.
  • Rename repeatedly to hide that the file ever existed.
  • Remove access- and modification time.
  • Truncate then delete the file.

In Docker

Run the shredder with Docker:

docker run --rm -it -v "$(pwd):/data" mverleg/file-shred -- file.txt

You can mount any directory in which you want to shred files; the above example uses the current directory $(pwd).

To build the image yourself (instead of downloading from Dockerhub), clone the Github project and run:

docker build -t mverleg/file-shred .

This will also run the tests and lints, to verify that your version is okay.

As binary

You can shred files like

shred file.txt image.png /tmp/stuff/*

There are command line options for various things::

USAGE:
    shred [FLAGS] [OPTIONS] <FILES>...

FLAGS:
    -v, --debug         Show debug information, especially on errors.
    -h, --help          Prints help information
    -k, --keep          Destroy the data, but do not rename or delete the file. Useful for non-regular files like special system devices.
    -y, --no-confirm   Delete files without asking for confirmation.
    -q, --quiet         Do not show progress or other non-critical output.
    -V, --version       Prints version information

OPTIONS:
        --overwrite-count <overwrite-count>    Number of times the file is overwritten (at least 1). [default: 10]
        --rename-count <rename-count>          Number of times the file is renamed.

As library

  • Create an instance of ::file_shred::ShredConfig, options largely correspond to the command-line ones.
  • In particular note confirmation_prompt=false if there might not be an interactive session present.
  • Call the ::file_shred::shred function and pass this config.

Keep in mind that:

There are no security guarantees, and the author is not a professional security expert. Use at your own risk.

  • Obviously, be careful. The purpose of this tool is to irrecoverably delete data. I cannot help you get data back if you delete it by accident.
  • Note that data recovery difficulty depends on the environment (operating system, hard disk formatting, physical medium). For some configurations, overwriting may not work.

This is used by file_endec.

Dependencies

~5–12MB
~137K SLoC