pub fn zero_overwrite_and_remove(path: &Path) -> Result<()>Expand description
Overwrite a file’s bytes with zeros, fsync, then unlink.
This is a best-effort forensic-resistance measure: on rotating media it overwrites the sectors that held the secret before we forget where they are. On modern SSDs with wear-levelling the write may be remapped rather than overwriting the physical cells — still no worse than plain unlink, and meaningfully better on the platforms where direct overwrite wins (HDDs, ramdisk, most filesystems on older kernels). Defence-in-depth, not a hard guarantee.
Errors at any step are non-fatal for the surrounding flow: the
caller gets a Result so it can log, but the bundle has already
been consumed. Callers typically print a warning and continue.