I would like to suggest offering secure file deletion via an rm option. This would be implemented by opening the file, determining its length, and overwriting the full length with random data. The writing could be repeated an arbitrary number of times. By no means would this be a foolproof solution to secure deletion. Assuming overwriting blocks on the device actually makes it impossible for even specialized hardware to read the previous contents, there's still no way to know if the file has been truncated. However, this is typically not a concern with logfiles. If the documentation makes the limitations sufficiently clear, this could be a very useful feature for sysadmins and others. I can try implementing this if you'd like, or I can send you the somewhat nonportable hack I wrote to do this task (it does nothing interesting or clever). My apologies if this has been suggested and rejected before; I didn't see it in the TODO file and couldn't find any relevant list archives. -- Omer Shenker [EMAIL PROTECTED]
