Normally, when you delete something with the rm command, the file's data is left alone and the file is only unlinked in the filesystem. If it was a soft link, the link is simply deleted; if it was a hard link and the only one left pointing to the data, that hard link is deleted. In no case is the data actually erased or otherwise removed from the disk.

There are solutions to this problem on all platforms: on Windows there is the Eraser tool, and on *nix systems there are shred, wipe and probably a few other commands. On FreeBSD, and therefore OS X, there is the srm command.

The syntax is identical to rm, but with some new options to control the number of random passes. The default is 35 passes of pseudorandom data, I presume from the /dev/urandom device. However, you can limit or alter this behavior with these options:

  • -s does a single overwrite pass
  • -m only does 7 passes
  • -z zeros out the data after the random passes

The command also renames the file before removing it from the filesystem to prevent recovery of filenames.

For scripting purposes and for system administrators who work in the terminal often, a significant advantage is that this command can be reliably assumed to be present on every OS X system and does not require installing a ports system or a package, or compiling source code.
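The sequence described above (overwrite in place, optional zero pass, rename, unlink), sketched with standard tools as an added example; it is not srm's code or part of the original post, and the names `overwrite_then_unlink` and `demo` and their arguments are hypothetical. The demo keeps a second hard link as a witness to show that plain rm leaves the data readable while the overwrite does not.

```shell
#!/bin/sh
# Added illustration of overwrite -> rename -> unlink; not srm's source.

# overwrite_then_unlink FILE [PASSES] [ZERO]   (hypothetical helper)
#   PASSES  number of pseudorandom passes (default 1, like srm -s)
#   ZERO    the word "zero" adds a final pass of zero bytes (like srm -z)
overwrite_then_unlink() {
    file=$1 passes=${2:-1} zero=${3:-}
    [ -f "$file" ] && [ ! -L "$file" ] || return 1   # regular files only
    size=$(wc -c < "$file" | tr -d ' ')
    i=0
    while [ "$i" -lt "$passes" ] && [ "$size" -gt 0 ]; do
        # conv=notrunc rewrites the existing file in place instead of
        # truncating it first
        head -c "$size" /dev/urandom | dd of="$file" conv=notrunc 2>/dev/null
        sync
        i=$((i + 1))
    done
    if [ "$zero" = zero ] && [ "$size" -gt 0 ]; then
        head -c "$size" /dev/zero | dd of="$file" conv=notrunc 2>/dev/null
        sync
    fi
    # Rename to a random name in the same directory so the original
    # filename is not what gets unlinked, then remove it.
    anon=$(dirname "$file")/$(od -An -N8 -tx1 /dev/urandom | tr -d ' \n')
    mv -f "$file" "$anon" && rm -f "$anon"
}

# Constructed demo: "witness" is a second hard link to the same data.
# Prints "<state after rm>:<state after overwrite>".
demo() {
    d=$(mktemp -d)
    printf 'constructed sample secret\n' > "$d/a"
    ln "$d/a" "$d/witness"
    rm "$d/a"                              # plain rm: only unlinks one name
    grep -q secret "$d/witness" && r1=intact || r1=gone
    ln "$d/witness" "$d/b"
    overwrite_then_unlink "$d/b" 2 zero    # rewrites the shared data itself
    grep -q secret "$d/witness" && r2=intact || r2=gone
    rm -rf "$d"
    echo "$r1:$r2"
}
```

In-place overwriting only reaches the old data when the filesystem and device write new bytes over the same blocks; copy-on-write filesystems and flash storage with wear levelling can leave earlier copies behind.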