rm
command to remove the file
does not ensure that the information contained in it can not be recovered
from a disk. The wipe
utility will securely erase a file,
so that its contents are no longer recoverable.
Solaris packages for the wipe utility for Sparc and x86, i.e. Intel systems, are freely available from Fetter Consulting. To install and use the wipe utility take the following steps:
# bunzip2 SETECwipe-0.16-sol8-intel-local.bz2
pkgadd
command to install the
package on your system. The following command assumes that your current
directory is the directory into which you downloaded the package.
# pkgadd -d ./SETECwipe-0.16-sol8-intel-local
The following packages are available:
1 SETECwipe Wipe (Sol8 x86 Build)
(x86) 0.16
Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: 1
Processing package instance <SETECwipe> from </home/jdoe/sysadmin/SETECwipe-0.16-sol8-intel-local>
Wipe (Sol8 x86 Build)(x86) 0.16
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
The selected base directory </usr/local> must exist before
installation is attempted.
Do you want this directory created now [y,n,?,q] y
Using </usr/local> as the package base directory.
## Processing package information.
## Processing system information.
## Verifying disk space requirements.
## Checking for conflicts with packages already installed.
## Checking for setuid/setgid programs.
Installing Wipe (Sol8 x86 Build) as <SETECwipe>
## Installing part 1 of 1.
/usr/local/bin/wipe
/usr/local/doc/wipe/BUGS
/usr/local/doc/wipe/CHANGES
/usr/local/doc/wipe/COPYING
/usr/local/doc/wipe/DOCUMENTATION
/usr/local/doc/wipe/GPL
/usr/local/doc/wipe/README
/usr/local/doc/wipe/secure_del.html
/usr/local/man/man1/wipe.1
/usr/local/man/man1/wipe.tr-asc.1
/usr/local/man/man1/wipe.tr.1
[ verifying class <none> ]
Installation of <SETECwipe> was successful.
If you took the steps above, you should now be able to run the wipe command from /usr/local. You can get help on the wipe utility by typing "wipe -h".
# /usr/local/bin/wipe -h
Usage: wipe [options] files...
Options: -f Force, ie. don't ask for confirmation
-c Do chmod on write-protected files
-r Recurse into directories
-q Quick wipe, less secure, 4 random passes by default
-Q <number>: set number of passes for quick wipe
-a Abort on error
-i Informational (verbose) mode
-s Silent mode
-R Set random device OR random seed command
-S (r|c|p) Random seed method
r Read from random device (strong)
c Read from output of random seed command
p Use pid (), clock () etc. (weakest)
-M (l|r) Set PRNG algorythm
l Use libc ()'s rand ()library call
a Use arcfour encryption algorythm
-v Show version information
-k Keep files, i.e. do not remove() them after overwriting
-F Do not attempt to wipe filenames
-T <tries> Set maximum number of tries for free
filename search; default is 10
-P <passes> Set number of passes for filename wiping.
Default is 1.
-h Display this help
-Z Do not wipe file size
-l <length> Set wipe length to <length> bytes, where <length> is
an integer followed by K (Kilo:1024), M (Mega:K^2) or
G (Giga:K^3)
-o <offset> Set wipe offset to <offset>, where <offset> has the
same format as <length>
-e Use exact file size: do not round up file size to wipe
possible remaining junk on the last block
-b <buffer-size-lg2> Set the size of the individual i/o buffers
by specifying its logarithm in base 2. up to 30 of these
buffers might be allocated
To wipe a file, simply specify the filename on the command line.
# /usr/local/bin/wipe /home/jdoe/sensitive-info.pdf
Okay to WIPE 1 regular file ? (Yes/No) yes
Operation finished.
1 file (0 special) in 0 directories wiped, 0 errors occured.
Site | Architecture | ||||
---|---|---|---|---|---|
Fetter Consulting (archived at The Wayback Machine) | Sparc and x86 | ||||
MoonPoint | Solaris 8 x86 | Solaris 6 Sparc | Solaris 7 Sparc | Solaris 8 Sparc |
Created: Wednesday December 14, 2005 5:05 PM