From 46f91021e677e2f78f385fc6fc24168385ccfed8 Mon Sep 17 00:00:00 2001
From: The MMGen Project <mmgen@tuta.io>
Date: Mon, 26 Jul 2021 18:27:54 +0000
Subject: [PATCH] use GNU shred for secure file deletion

---
 mmgen/main_wallet.py | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/mmgen/main_wallet.py b/mmgen/main_wallet.py
index e6d324c8..d2cc3e13 100755
--- a/mmgen/main_wallet.py
+++ b/mmgen/main_wallet.py
@@ -223,14 +223,13 @@ if invoked_as == 'passchg' and ss_in.infile.dirname == g.data_dir:
 	m2 = 'update the default wallet'
 	confirm_or_raise(m1,m2,exit_msg='Password not changed')
 	ss_out.write_to_file(desc='New wallet',outdir=g.data_dir)
-	msg('Securely deleting old wallet')
+	bmsg('Securely deleting old wallet')
 	from subprocess import run
-	wipe_cmd = ['sdelete','-p','20'] if g.platform=='win' else ['wipe','-sf']
-	try:
-		run(wipe_cmd + [ss_in.infile.name],check=True)
-	except:
-		ymsg(f'WARNING: {wipe_cmd[0]!r} command failed, using regular file delete instead')
-		os.unlink(ss_in.infile.name)
+	run(
+		['shred','--iterations=30','--zero','--remove=wipesync']
+		+ (['--verbose'] if opt.verbose else [])
+		+ [ss_in.infile.name],
+		check=True )
 else:
 	try:
 		assert invoked_as == 'gen', 'dw'