Shredding, also called secure deletion, is the process of deleting an object and overwriting the places where its copies were stored in such a way that none of its data or metadata, including custom metadata, can be reconstructed.
Every object has a shred setting that determines whether it will be shredded when it’s deleted.
With HTTP, the shred settings for an object are returned by the X-HCP-Shred response header. The shred setting values are:
With WebDAV, CIFS, or NFS, you view the shred setting for an object in the shred.txt metafile. The shred setting values in this metafile are:
Default shred settings
The namespace is configured with a default shred setting. When an object is stored in the namespace, the object inherits this setting. With HTTP, you can override the default shred setting by specifying a different shred setting when you store the object.
Changing shred settings
You can change the shred setting for an existing object from false to true (or 0 to 1) but not from true to false (or 1 to 0).
With WebDAV, CIFS, or NFS, you change the shred setting for an object by overwriting its shred.txt metafile. In the new file, you specify only the new value.
- With Windows and Unix, you can also use the echo command to insert the new value into the shred.txt metafile.
- As a general rule, if you mark an object for shredding, you should mark all other objects with the same content for shredding as well.