consider dropping -D option

[garlick]

Problem: the -D,--dirent NEWNAME option is described as follows

After scrubbing the file, scrub its name in the directory entry,
then rename it to the new name. The scrub patterns used on the
directory entry are constrained by the operating system and thus
are not compliant with cited standards. This option only works
with a single target.

It seems like this is likely no more secure (in terms of obliterating data) than a rename, and thus offers a false sense of security.

A user could simply follow the scrub command with a rename if that's what they want.

[pete4abw]

-D newname could cause problems with multiple files where there may be a name collision. But it MAY be useful when someone not only wants to scrub a file, but conceal the purpose of the file by renaming it. For example, scrubbing and renaming "Confidential whistle-blower letter about Company XYZ.doc" would shield its existence.

[garlick]

I guess my point is

scrub -D newname "Confidential whistle-blower letter about Company XYZ.doc"

is not a whole lot more convenient than

file="Confidential whistle-blower letter about Company XYZ.doc"
scrub $file
mv $file newname

and the former makes people feel like they're achieving some kind of secure deletion when in reality the two commands have about the same effect.

[pete4abw]

Not to mention that with files on modern systems, it's not guaranteed that scrub will even wipe every part of the file with journaling and backup file systems. I won't cry if they're removed. shred has its -u option which deallocates and removes a file. Something to consider. Maybe the concept of -D is confusing, but perhaps -r can be enhanced???

Delete FILE(s) if --remove (-u) is specified. The default is not to remove
The optional HOW parameter indicates how to remove a directory entry:
'unlink' => use a standard unlink call.
'wipe' => also first obfuscate bytes in the name.
'wipesync' => also sync each obfuscated byte to the device.
The default mode is 'wipesync', but note it can be expensive.