Linux for SET FILE/ERASE_ON_DELETE

Tags: filesystems, linux, openvms, rm, security

In VMS one may tell the file system to write junk over the existing contents of a file when it is deleted. Here is the DCL command to identify the file for this kind of treatment:

$ SET FILE/ERASE_ON_DELETE SAMPLE.TXT

This allows the policy to be set at one point in time; later users of the file then do not have to handle that detail of security. A standard delete, which takes the file name out of the directory and frees the space for another file to use, will also modify the existing contents to prevent the next user from reading them. The normal delete:

$ DELETE SAMPLE.TXT.*

What is Linux for this?

Best Answer

This is supported only by some Linux filesystems:

chattr +s sample.txt

may (or may not) do what you want.

From man chattr:

NAME
       chattr - change file attributes on a Linux second extended file system
...
       When a file with the ‘s’ attribute set is deleted, its blocks are
       zeroed and written back to the disk.  Note: please make sure to read
       the bugs and limitations section at the end of this document.
...
BUGS AND LIMITATIONS
       The ‘c’, ‘s’, and ‘u’ attributes are not honored by the ext2
       and ext3 filesystems as implemented in the current mainline Linux
       kernels. These attributes may be implemented in future versions of
       the ext2 and ext3 filesystems.

I do not know which specific mainline kernel versions (if any) implement this.
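Since `chattr +s` only asks the filesystem to zero the blocks, and the man page says ext2/ext3 in mainline kernels ignore the request, the practical equivalent of ERASE_ON_DELETE is to do the overwrite yourself before unlinking. The following shell script is an added example (it is not code from the answer above nor from the e2fsprogs project). It assumes a POSIX shell with `dd`, `wc`, `tr` and `mktemp`; `chattr` and `lsattr` are used only if present. The function and file names are mine.

```shell
#!/bin/sh
# Added example, not from the original answer: a shell stand-in for
# VMS SET FILE/ERASE_ON_DELETE on Linux.
#
# Caveat: this only handles the in-place case. On journaling,
# copy-on-write or log-structured filesystems, and on SSDs with wear
# levelling, earlier copies of the data may survive elsewhere on the
# device no matter what is written over the current blocks.

# Overwrite the file's data with zeros WITHOUT truncating it first.
# conv=notrunc matters: a plain '>' redirection truncates the file,
# frees its blocks, and the zeros may then be allocated to different
# blocks, leaving the original data untouched. Writing whole 4 KiB
# blocks rounds the file size up so the last partial block is covered too.
zero_in_place() {
    f=$1
    [ -f "$f" ] || { echo "zero_in_place: $f is not a regular file" >&2; return 1; }
    size=$(wc -c < "$f" | tr -d ' ')
    blocks=$(( (size + 4095) / 4096 ))
    if [ "$blocks" -gt 0 ]; then
        dd if=/dev/zero of="$f" bs=4096 count="$blocks" conv=notrunc 2>/dev/null || return 1
    fi
    sync
}

# Report whether the 's' attribute is set on a file (needs lsattr; the
# first whitespace-separated field of its output is the attribute string).
# Setting the attribute does not prove the kernel honours it.
has_erase_attr() {
    command -v lsattr >/dev/null 2>&1 || return 1
    lsattr -- "$1" 2>/dev/null | awk '{print $1}' | grep -q s
}

# Request the kernel-side behaviour where supported (best effort, errors
# ignored), then do the zeroing ourselves and remove the directory entry.
erase_on_delete() {
    f=$1
    if command -v chattr >/dev/null 2>&1; then
        chattr +s -- "$f" 2>/dev/null || true
    fi
    zero_in_place "$f" || return 1
    rm -f -- "$f"
}

# Count the non-zero bytes in a file; 0 means the overwrite pass covered
# all of it.
nonzero_bytes() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Usage: sh erase_on_delete.sh FILE
if [ $# -gt 0 ]; then
    erase_on_delete "$1"
fi
```

The zeroing matches what the man page says the `s` attribute should do (blocks zeroed, not random data); a single zero pass is enough to defeat reading the blocks back through the filesystem, which is the threat the question describes. `has_erase_attr` only tells you the flag is stored in the inode, so it is no substitute for the overwrite on a filesystem that ignores the flag.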
