Wiping a File Under Solaris

Some times you may need to securely erase a file, so that it can't be recovered. Simply using the rm command to remove the file does not ensure that the information contained in it can not be recovered from a disk. The wipe utility will securely erase a file, so that its contents are no longer recoverable.

Solaris packages for the wipe utility for Sparc and x86, i.e. Intel systems, are freely available from Fetter Consulting. To install and use the wipe utility take the following steps:

  1. Download the appropriate package for your system.
  2. Uncompress the .bz2 file that you have downloaded.
    # bunzip2 SETECwipe-0.16-sol8-intel-local.bz2
  3. Use the pkgadd command to install the package on your system. The following command assumes that your current directory is the directory into which you downloaded the package.
    Generic Category (English)120x600
    # pkgadd -d ./SETECwipe-0.16-sol8-intel-local
    The following packages are available: 1 SETECwipe Wipe (Sol8 x86 Build) (x86) 0.16 Select package(s) you wish to process (or 'all' to process all packages). (default: all) [?,??,q]: 1 Processing package instance <SETECwipe> from </home/jdoe/sysadmin/SETECwipe-0.16-sol8-intel-local> Wipe (Sol8 x86 Build)(x86) 0.16 http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html The selected base directory </usr/local> must exist before installation is attempted. Do you want this directory created now [y,n,?,q] y Using </usr/local> as the package base directory. ## Processing package information. ## Processing system information. ## Verifying disk space requirements. ## Checking for conflicts with packages already installed. ## Checking for setuid/setgid programs. Installing Wipe (Sol8 x86 Build) as <SETECwipe> ## Installing part 1 of 1. /usr/local/bin/wipe /usr/local/doc/wipe/BUGS /usr/local/doc/wipe/CHANGES /usr/local/doc/wipe/COPYING /usr/local/doc/wipe/DOCUMENTATION /usr/local/doc/wipe/GPL /usr/local/doc/wipe/README /usr/local/doc/wipe/secure_del.html /usr/local/man/man1/wipe.1 /usr/local/man/man1/wipe.tr-asc.1 /usr/local/man/man1/wipe.tr.1 [ verifying class <none> ] Installation of <SETECwipe> was successful.

If you took the steps above, you should now be able to run the wipe command from /usr/local. You can get help on the wipe utility by typing "wipe -h".

# /usr/local/bin/wipe -h
Usage:          wipe [options] files...
Options:        -f Force, ie. don't ask for confirmation
                -c Do chmod on write-protected files
                -r Recurse into directories
                -q Quick wipe, less secure, 4 random passes by default
                -Q <number>: set number of passes for quick wipe
                -a Abort on error
                -i Informational (verbose) mode
                -s Silent mode
                -R Set random device OR random seed command
                -S (r|c|p) Random seed method
                         r Read from random device (strong)
                         c Read from output of random seed command
                         p Use pid (), clock () etc. (weakest)
                -M (l|r) Set PRNG algorythm
                         l Use libc ()'s rand ()library call
                         a Use arcfour encryption algorythm
                -v Show version information
                -k Keep files, i.e. do not remove() them after overwriting
                -F Do not attempt to wipe filenames
                -T <tries> Set maximum number of tries for free
                        filename search; default is 10
                -P <passes> Set number of passes for filename wiping.
                        Default is 1.
                -h Display this help
                -Z Do not wipe file size
                -l <length> Set wipe length to <length> bytes, where <length> is
                        an integer followed by K (Kilo:1024), M (Mega:K^2) or
                        G (Giga:K^3)
                -o <offset> Set wipe offset to <offset>, where <offset> has the
                        same format as <length>
                -e Use exact file size: do not round up file size to wipe
                        possible remaining junk on the last block
                -b <buffer-size-lg2> Set the size of the individual i/o buffers
                        by specifying its logarithm in base 2. up to 30 of these
                        buffers might be allocated

To wipe a file, simply specify the filename on the command line.

# /usr/local/bin/wipe /home/jdoe/sensitive-info.pdf
Okay to WIPE 1 regular file ? (Yes/No) yes
Operation finished.
1 file (0 special) in 0 directories wiped, 0 errors occured.


Download Wipe 0.16 Package
Fetter Consulting (archived at The Wayback Machine) Sparc and x86
MoonPoint Solaris 8 x86 Solaris 6 Sparc Solaris 7 Sparc Solaris 8 Sparc


TechRabbit ad 300x250 newegg.com

Justdeals Daily Electronics Deals1x1 px

Valid HTML 4.01 Transitional

Created: Wednesday December 14, 2005 5:05 PM