我正在测试 coreutils/usr/bin/shred命令。
即使我告诉 shred “截断”(删除)文件,它仍会留下文件名的痕迹。我假设 shred 会删除文件名的所有元数据。这是预期行为吗?
您将无法复制/粘贴此内容,但它可以让您了解我在做什么:
dd if=/dev/zero of=fs bs=1M count=300
hexdump -C fs # verify it's empty
mkfs.ext4 fs
mkdir m
sudo mount fs m
sudo chown -R $USER m
cd m
echo secretkey > passwords.txt
cd ..
sudo umount m
grep secretkey fs # <== shows up as expected
grep passwords.txt fs
hexdump -C fs | grep sec
hexdump -C fs | grep pass
sudo mount fs m
cd m
/usr/bin/shred -vuz -n 1 passwords.txt
cd ..
sudo umount m
grep secretkey fs # <== does not show up, this is good
grep passwords.txt fs # <== PROBLEM: filename still shows
hexdump -C fs | grep sec
hexdump -C fs | grep pass
此文件系统的‘mount’命令给出:
type ext4 (rw,relatime,data=ordered)
帮助?
答案1
man shred说:
NAME
shred - overwrite a file to hide its contents, and optionally delete it
DESCRIPTION
Overwrite the specified FILE(s) repeatedly, in order to make it harder for
even very expensive hardware probing to recover the data.
这仅提及文件内容/数据,从未暗示隐藏文件名,这将是另一个问题(可能是硬/软链接等)。您是否尝试在粉碎文件之前重命名文件?