使用shred工具彻底粉碎文件¶

Usage: shred [OPTION]... FILE...

  -f, --force               如果需要则会强制改变权限为可写，从而可以覆盖文件
  -n, --iterations=N        默认覆盖3次，否则覆盖N次
      --random-source=FILE  从指定文件中随机获取内容用于覆盖目标文件
  -s, --size=N              覆盖多少字节的内容，可以使用后缀(K,M,G)
  -u, --remove[=HOW]        覆盖文件后先截断再删除
  -v, --verbose             显示进度详情
  -x, --exact               不自动将随机文件大小增加到临近块大小，一般对于非普通文件都默认激活此选项
  -z, --zero                最后用0覆盖一遍目标文件, 对文件系统隐藏覆盖行为

$ info coreutils 'shred invocation'

'shred' overwrites devices or files, to help prevent even very expensive
hardware from recovering the data.

   Ordinarily when you remove a file (*note rm invocation::), the data
is not actually destroyed.  Only the index listing where the file is
stored is destroyed, and the storage is made available for reuse.  There
are undelete utilities that will attempt to reconstruct the index and
can bring the file back if the parts were not reused.

   On a busy system with a nearly-full drive, space can get reused in a
few seconds.  But there is no way to know for sure.  If you have
sensitive data, you may want to be sure that recovery is not possible by
actually overwriting the file with non-sensitive data.

   However, even after doing that, it is possible to take the disk back
to a laboratory and use a lot of sensitive (and expensive) equipment to
look for the faint "echoes" of the original data underneath the
overwritten data.  If the data has only been overwritten once, it's not
even that hard.
   The best way to remove something irretrievably is to destroy the
media it's on with acid, melt it down, or the like.  For cheap removable
media like floppy disks, this is the preferred method.  However, hard
drives are expensive and hard to melt, so the 'shred' utility tries to
achieve a similar effect non-destructively.

   ......

   If you are not sure how your file system operates, then you should
assume that it does not overwrite data in place, which means that shred
cannot reliably operate on regular files in your file system.

   Generally speaking, it is more reliable to shred a device than a
file, since this bypasses the problem of file system design mentioned
above.  However, even shredding devices is not always completely
reliable.  For example, most disks map out bad sectors invisibly to the
application; if the bad sectors contain sensitive data, 'shred' won't be
able to destroy it.