The Boredom of Ramfree17

[TipJar] Quickly wipe a file in a Linux shell

Jul 22

ErinFLOSS, Tipjar Linux, scripting, Tipjar No Comments

No time to read through contexts? Jump to the TL;DR; section.

There are use cases that require the secure wiping or deletion of files. There are already a lot of available utilities available in most modern distributions such as srm, swipe, etc. These however entail installing an additional package which is fine for work machines. The use case I had is to securely delete a transient file after it was generated and used in a Continuous Integration server. Installing the secure-delete package is trivial but a base Linux system already has the tool that can do the job: dd

TL;DR Version

Gist: get the byte count of the file, overwrite the file with zeroes and then delete it.


$ targetfile=/tmp/confidentialfile
$ dd if=/dev/zero of=$targetfile bs=1 count=$(wc -c $targetfile | cut -f1 -d' ')


The file can optionally be deleted. This is being done in a linux build agent node so it was not necessary for this use case. Below is a sample execution in a local machine which gets the inode of the file before and after deletion.


$ info bash -o - > confidential-file
$ wc -c confidential-file
342130 confidential-file

$ stat $targetfile
File: confidential-file
Size: 342130 Blocks: 672 IO Block: 4096 regular file
Device: fd00h/64768d Inode: 786462 Links: 1
Access: (0664/-rw-rw-r--) Uid: ( 1000/ vagrant) Gid: ( 1000/ vagrant)
Access: 2021-07-22 09:29:29.803217204 +0800
Modify: 2021-07-22 09:30:50.454876216 +0800
Change: 2021-07-22 09:30:50.454876216 +0800
Birth: 2021-07-22 09:29:29.803217204 +0800