With my severance from Sun/Oracle, I have to return to them their computer equipment, including a chunky workstation, and a nice 24″ monitor which I’ll miss. As part of housekeeping I knew I needed to dispose of sensitive information on the workstation: things like private keys, passwords, etc.
Short of destroying the disc in the fires of Mount Doom, the best I can do is to overwrite everything sensitive, so I hacked up a little utility to overwrite a file, then ran it with find(1) to overwrite a lot of stuff before deleting it. First, known sensitive stuff like .gnupg and .ssh. Then my entire home directory, to be sure to catch things like credentials cached by browsers and mailers. Plus, for good measure, other home directories created for particular apps, and /root.
Then on to /var, and eventually /etc, by which time sensitive data are indeed erased. And the system is essentially unusable and will have to be reinstalled – which is what I’d expect to happen in any case. Now I can’t ever log in again, and since I don’t have a root shell open I can’t even shutdown. So there’s nothing for it but to power down the machine for the last time and feel a mini-bereavement for the loss of a perfectly good system.
Then I realised, with zfs there’s more to do. I boot earlier opensolaris images, and once again have a working system, albeit without data from my home directory. Looks like it’s just old incarnations of things under /var that have to be repeatedly deleted before wiping the filesystem.
I just hope someone does use it back at Oracle. It’s high-quality hardware, and would be a crime to throw away just because it’s been used for a couple of years.