Shredding

Shredding, also called secure deletion, is the process of deleting an object and overwriting the places where its copies were stored in such a way that none of its data or metadata, including custom metadata, can be reconstructed.

Every object has a shred setting that determines whether it will be shredded when it’s deleted.

With HTTP, the shred setting for an object is returned in the X-HCP-Shred response header. The shred setting values are:

  • false

    Don’t shred.

  • true

    Shred following deletion.

With WebDAV, CIFS, or NFS, you view the shred setting for an object in the shred.txt metafile. The shred setting values in this metafile are:

  • 0 (zero)

    Don’t shred.

  • 1 (one)

    Shred following deletion.

Default shred settings

The namespace is configured with a default shred setting. When an object is stored in the namespace, the object inherits this setting. With HTTP, you can override the default shred setting by specifying a different shred setting when you store the object.

Changing shred settings

You can change the shred setting for an existing object from false to true (or 0 to 1) but not from true to false (or 1 to 0).

With WebDAV, CIFS, or NFS, you change the shred setting for an object by overwriting its shred.txt metafile. In the new file, you specify only the new value.

Tip
  • With Windows and Unix, you can also use the echo command to insert the new value into the shred.txt metafile.
  • As a general rule, if you mark an object for shredding, you should mark all other objects with the same content for shredding as well.
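
The one-way rule under Changing shred settings and the tip about objects with the same content can both be checked from an inventory of objects. The following is an added example, not part of the product documentation: the function names, the inventory layout and the sample records are assumptions made for illustration, and only the setting values (true/false and 1/0) come from this page.

```python
# Added example: audit helper for the shred rules described on this page.
# The inventory records below are constructed sample data, not HCP output.
import hashlib
from collections import defaultdict

# The two representations named on the page: X-HCP-Shred header values
# (HTTP) and shred.txt metafile values (WebDAV, CIFS, NFS).
_VALUES = {"false": False, "true": True, "0": False, "1": True}


def parse_shred(raw):
    """Normalize a header or metafile value to a bool; reject anything else."""
    key = raw.strip().lower()
    if key not in _VALUES:
        raise ValueError(f"unrecognized shred setting: {raw!r}")
    return _VALUES[key]


def change_allowed(current, requested):
    """The setting is one-way: false -> true is allowed, true -> false is not."""
    return not (parse_shred(current) and not parse_shred(requested))


def unshredded_duplicates(inventory):
    """Return {digest: [paths]} for unmarked objects whose content matches
    an object that is marked for shredding."""
    by_digest = defaultdict(list)
    for path, content, raw in inventory:
        digest = hashlib.sha256(content).hexdigest()
        by_digest[digest].append((path, parse_shred(raw)))
    findings = {}
    for digest, entries in by_digest.items():
        if any(marked for _, marked in entries):
            unmarked = sorted(p for p, marked in entries if not marked)
            if unmarked:
                findings[digest] = unmarked
    return findings


# Constructed inventory: (path, object content, shred value as reported).
SAMPLE = [
    ("/hr/offer-letter.pdf", b"salary: 100000", "true"),        # HTTP header form
    ("/backup/offer-letter-copy.pdf", b"salary: 100000", "0"),  # shred.txt form
    ("/public/readme.txt", b"hello", "false"),
    ("/legal/contract.doc", b"terms", "1"),
]

if __name__ == "__main__":
    for digest, paths in unshredded_duplicates(SAMPLE).items():
        print(f"{digest[:12]} not marked for shredding: {', '.join(paths)}")
```

Each path reported by unshredded_duplicates is a candidate for changing its setting from false to true (or 0 to 1), which change_allowed confirms is the permitted direction.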