decimate 0.0.1

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+shred_errs_log

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format progress

data/Gemfile

@@ -0,0 +1,8 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in decimate.gemspec
+gemspec
+
+gem 'rspec'
+gem 'pry'
+

data/LICENSE.txt

@@ -0,0 +1,8 @@
+Copyright (c) 2013 Justin Wiley
+
+GPL V3, 2007
+
+http://www.gnu.org/licenses/gpl-3.0.txt
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,64 @@
+# Decimate
+
+Discipline your file system by securely deleting some of its precious files or directories using shred.
+
+### Notable features:
+
+ - Uses shred utility to securely delete files, before removing
+ - Allows additional sanity checking of paths
+ - Endeavors to prevent you from accidentally rm -rfing your root dir
+
+### Usage
+
+    file_path = '/my_app/bad_file.txt'
+    dir_path = '/my_app'
+
+    Decimate.file! file_path   # specified file shredded, deleted
+    Decimate.dir! dir_path    # all files in all sub-directories shredded, rm -rf the directory
+
+If the file or dir does not exist, it will return nil without doing anything.  Both file! an dir! return the standard out of the executed command (shred) if success.  If the shred command fails (or find, which executes shred) and returns any other status code besides 0, an exception will be raised.
+
+Ruby's File.expand_path is used to check give files or directories, in an attempt to suss out relative paths that might lead to a dangerous delete. 
+
+As an additional sanity check, you can pass a regex pattern using the optional parameter path_must_match:
+
+    Decimate.file file_path, path_must_match: /my_app/
+
+After the file path is expanded, Decimate will raise if the resulting path does not match the given pattern.
+
+See RDoc for details.
+
+### Caveats
+
+ - *Do not feed it raw params from a web-request*.  You should carefully white-list anything that comes in.
+ - Since this proxies to the underlying operating system, and returns silently if the file or directory to be deleted no longer exist, I assume this is thread-safe, but no guarantees.
+ - The gem shells out to shred.  If shred is not installed, an error will be raised.
+ - Since it's shredding files, disk-recovery utilities won't save you if you accidentally delete something.
+ - Shred has many limitations, especially on journaling file systems, see the man page.
+ - The find command with the -execdir option is used since it's theoretically more secure and may help with race conditions.  Read the man page for security implications around $PATH
+ - Decimate has been tested on Ubuntu Linux.  It won't work on Windows-based systems.
+ - Decimate has few scruples, it only tries to prevent you from blowing away the root directory, and whatever regex you provide.  If you tell it to delete /bin/bash, it will do it.
+
+Code reviews, comments, violent reactions welcome.
+
+### Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'decimate'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install decimate
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/decimate.gemspec

@@ -0,0 +1,32 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'decimate/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "decimate"
+  spec.version       = Decimate::VERSION
+  spec.authors       = ["Justin Wiley"]
+  spec.email         = ["justin.wiley+decimate@gmail.com"]
+  spec.description   = %q{Discipline your file system by securely deleting some of its precious files or directories using shred.}
+  spec.summary       = %q{Notable features:
+
+ - Endeavors to prevent you from accidentally rm -rfing your root dir
+ - Uses shred utility to securely delete files, before removing
+ - Allows additional sanity checking of paths}
+  spec.homepage      = ""
+  spec.license       = "GPLV3"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "fileutils"
+  spec.add_dependency "open3"
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "pry"
+  spec.add_development_dependency "rspec"
+end

data/lib/decimate/version.rb

@@ -0,0 +1,3 @@
+module Decimate
+  VERSION = "0.0.1"
+end

data/lib/decimate.rb

@@ -0,0 +1,68 @@
+require "decimate/version"
+require 'fileutils'
+require 'open3'
+
+module Decimate
+  def self.shred_cmd; "shred -uv"; end
+  #
+  # Executes given command using Open3.capture3
+  # Raises exception if non-zero status call returned, writes to error log
+  # 
+  def self.run cmd
+    stdout,stderr,status = Open3.capture3 cmd
+    raise "Domination failed: #{cmd}" unless status.nil? || status == 0
+    stdout
+  end
+
+  def self.validate_path path, required_regex=nil
+    raise ArgumentError.new("expected Regexp, given #{required_regex.class}") if required_regex && !required_regex.is_a?(Regexp)
+    File.expand_path(path).tap do |path|
+      raise ArgumentError.new("It looks like you're trying to remove root dir. :( Got #{path}") if path == '/'
+      raise ArgumentError.new("Path #{path} does not match #{required_regex}") if required_regex && !path.match(required_regex)
+    end
+  end
+
+  def self.fail_unless_shred
+    raise if `which shred`.chomp.empty?
+  end
+
+  #
+  # Securely deletes given file using shred.
+  #
+  #  - Returns nil if file does not exist
+  #  - Returns stdout from shred operation if file exists and shredded successfully
+  #  - If optional regex sanity check is included, exception will be raised if match against given path fails
+  #  - Raises if shred or find command triggers any status code other than zero
+  #  - Raises if shred command not found
+  #
+  def self.file! path, opts={}
+    return unless File.exist?(path)
+    fail_unless_shred
+    validate_path path, opts[:path_must_match]
+ 
+    run "#{shred_cmd} #{path}"
+  end
+
+  #
+  # Securely deletes given directory recursively using shred.
+  #
+  #  - Returns nil if directory does not exist
+  #  - Returns stdout from shred operation if dir exists and shredded successfully
+  #  - If optional regex sanity check is included, exception will be raised if match against given path fails
+  #  - Raises if shred or find command triggers any status code other than zero
+  #  - Raises if shred command not found
+  #
+  # Usage:
+  # Decimate.dir! 'my-unloved-dirctory'
+  # Decimate.dir! 'my-unloved-dirctory', path_must_match: /unloved/
+  #
+  def self.dir! path, opts={}
+    return unless Dir.exist?(path)
+    fail_unless_shred
+    validate_path path, opts[:path_must_match]
+    
+    stdout = run "find #{path} -type f -execdir #{shred_cmd} '{}' ';'"
+    FileUtils.rm_rf path
+    stdout
+  end
+end

data/spec/lib/decimate_spec.rb

@@ -0,0 +1,101 @@
+require 'spec_helper'
+require 'fileutils'
+
+describe Decimate do
+  let(:dir) { "tmp" }
+  let(:subdir) { "tmp/subdir" }
+  let(:file) { "#{dir}/file.txt"}
+  let(:file2) { "#{dir}/file2.txt"}
+  let(:file3) { "#{subdir}/file3.txt"}
+  let(:all_files) { [file, file2, file3] }
+  let(:all_content) { [dir, subdir] + all_files }
+  let(:stdout) { 'sample stddout' }
+
+  shared_context 'existing_files_and_dir' do
+    before do
+      FileUtils.mkdir_p subdir
+      all_files.each{|f| FileUtils.touch f}
+    end
+
+    after do
+      FileUtils.rm_rf(dir) if File.exist?(dir)
+    end
+  end
+
+  describe '#validate_path' do
+    it 'should expand and return path' do
+      Decimate.validate_path(file).should == File.expand_path(file)
+    end
+
+    it 'should raise if expanded path matches /' do
+      expect{Decimate.validate_path('/')}.to raise_error(ArgumentError)
+      expect{Decimate.validate_path('/dir/../')}.to raise_error(ArgumentError)
+    end
+    context 'with required path match argument' do
+      it 'should return path if expanded path matches given' do
+        Decimate.validate_path(file, /tmp/).should == File.expand_path(file)
+      end
+
+      it 'should raise if not' do
+        expect{Decimate.validate_path(file, /another_dir/)}.to raise_error(ArgumentError)
+      end
+    end
+  end
+
+  describe '#fail_unless_shred' do
+    it 'should raise if no shred' do
+      Decimate.should_receive(:`).with("which shred").and_return("")
+      expect{Decimate.fail_unless_shred}.to raise_error
+    end
+
+    it 'should not raise if shred' do
+      Decimate.should_receive(:`).with("which shred").and_return("shred")
+      Decimate.fail_unless_shred
+    end
+  end
+  
+  describe '#file' do
+    include_context 'existing_files_and_dir'
+
+    it 'should check for shred' do
+      Decimate.should_receive(:fail_unless_shred)
+      Decimate.file! file
+    end
+
+    it 'should securely delete the given file' do
+      Open3.should_receive(:capture3).with("shred -uv #{file}").and_return([stdout,"",nil])
+      Decimate.file!(file).should == stdout
+    end
+
+    it 'should result in file being removed' do
+      File.exist?(file3).should be_true
+      Decimate.file! file3
+      sleep 2  # shred operation takes a while
+      File.exist?(file3).should be_false
+    end
+  end
+
+  describe '#dir' do
+    include_context 'existing_files_and_dir'
+
+    it 'should check for shred' do
+      Decimate.should_receive(:fail_unless_shred)
+      Decimate.dir! dir
+    end
+
+    it 'should securely delete all files under the given file' do
+      Open3.should_receive(:capture3).with("find #{dir} -type f -execdir shred -uv '{}' ';'")
+      Decimate.dir! dir
+    end
+
+    it 'should result in all files and dirs being deleted' do
+      all_files.map{|f| File.exist?(f).should be_true}
+      Decimate.dir! dir
+      all_content.each do |f|
+        File.exist?(f).should be_false
+      end
+    end
+
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,21 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# Require this file using `require "spec_helper"` to ensure that it is only
+# loaded once.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+require 'pry'
+require File.join(File.dirname(__FILE__),'../lib/decimate.rb')
+
+RSpec.configure do |config|
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = 'random'
+end

metadata

@@ -0,0 +1,159 @@
+--- !ruby/object:Gem::Specification
+name: decimate
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Justin Wiley
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-07-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: fileutils
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: open3
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Discipline your file system by securely deleting some of its precious
+  files or directories using shred.
+email:
+- justin.wiley+decimate@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- decimate.gemspec
+- lib/decimate.rb
+- lib/decimate/version.rb
+- spec/lib/decimate_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses:
+- GPLV3
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.25
+signing_key: 
+specification_version: 3
+summary: ! 'Notable features:  - Endeavors to prevent you from accidentally rm -rfing
+  your root dir - Uses shred utility to securely delete files, before removing - Allows
+  additional sanity checking of paths'
+test_files:
+- spec/lib/decimate_spec.rb
+- spec/spec_helper.rb
+has_rdoc: