MacOS – Securely delete guest accounts in OSX

Tags: macos, security, unix

I need a way to securely wipe guest accounts off of my machine. On OSX, guests are automatically deleted on logout, with this deletion being done using the "RM" command. I need a way to alter this to either the secure form of "RM" (RM -p I believe?) or to use "SRM" instead.

Alternatively, workarounds would be highly helpful. Currently, I believe it may be possible to replace "RM" with "SRM" on a system level, albeit I am unsure if it is plausible or possible. Other workarounds I have considered are manually deleting the files (it should be possible to run a script on logout that does this?) or, on startup, finding a way to potentially write over the HDD sectors with 0's and 1's.

In summation...

Is it possible (and if so, how) to delete guest account data securely?

Note: I am tagging this under OSX, UNIX, and LINUX because I feel that an answer would be valid for all platforms of this type. This was also cross-posted on Stack Overflow.

Best Answer

It's kinda possible. You can use a logout hook to run a script when a user logs out. This will also be run when the guest user is logged out, too. All you would need to do is create a script that SRMs the guest home folder when the Mac is logged out of or shut down.

This command will initiate a login hook (presuming that /usr/local/bin/logoutscript exists and is chmodded correctly so that the script is executable):

sudo defaults write com.apple.loginwindow LogoutHook /usr/local/bin/logoutscript

You can easily write a shell script that would SRM the Guest account home folder.
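One way to write the logout script the answer describes, as an added example that is not the answer author's code. It assumes loginwindow runs the hook as root with the user's short name in `$1`, that the guest account is `Guest` with home `/Users/Guest`, and that `srm` is installed; the function and variable names are hypothetical.

```shell
#!/bin/sh
# Added example: logout hook that removes the Guest home folder with srm.
# Assumptions (not from the original page): the hook runs as root, $1 is the
# short name of the user logging out, the guest account is "Guest" with home
# /Users/Guest, and srm is on the PATH.

GUEST_USER="${GUEST_USER:-Guest}"
GUEST_HOME="${GUEST_HOME:-/Users/Guest}"
SRM="${SRM:-srm}"   # overridable so the guard logic can be exercised without srm

# Succeed only when a wipe is safe: the guest user logged out and the target
# is an absolute path to a real directory (not "/", not a symlink).
should_wipe() {     # $1 = user logging out, $2 = home directory
    [ "$1" = "$GUEST_USER" ] || return 1
    case "$2" in
        /*) ;;               # absolute paths only
        *)  return 1 ;;
    esac
    [ "$2" != "/" ] || return 1
    [ -d "$2" ] || return 1
    [ ! -L "$2" ] || return 1   # a symlink here means the path is not what we expect
    return 0
}

# Wipe the guest home if the guards pass. Returns 0 when there is nothing to
# do, 2 when the secure-delete tool is missing, else the tool's exit status.
wipe_guest_home() { # $1 = user logging out
    should_wipe "$1" "$GUEST_HOME" || return 0
    if ! command -v "$SRM" >/dev/null 2>&1; then
        echo "logoutscript: $SRM not found, guest home left in place" >&2
        return 2
    fi
    # -r recurses into the folder, -f suppresses prompts (the hook has no terminal).
    "$SRM" -rf "$GUEST_HOME"
}

# loginwindow passes the user name as the first argument.
if [ "$#" -gt 0 ]; then
    wipe_guest_home "$1"
fi
```

`srm` no longer ships with macOS 10.12 and later, and overwrite-based deletion does not reliably reach every block on SSDs.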