What happens during an unlink(2

[tp at ndm20]

The problem of  zeroing a  file no  longer in  use is  tricky in unix
because the user has no way to delete a file.  rm  simply unlinks it,
i.e.  removes it from a directory.   Others have  mentioned that this
does not imply that there are no other links, and indeed  in order to
rm a file, you do not need any permission to read or  write it, since
an rm is a function applied to the  containing directory  and not the
file itself.  What is needed  is code  in the  kernel to  zero a file
after the last link is removed.  The kernel implicitly deletes a file
with no links.  This is the only time  the zeroing  could take place.
Of  course  systems  not  worried  about  security  wouldn't want the
overhead.  Maybe this should be a configuration parameter.  Of course
it would be nice if it were  filesystem dependent,  then you wouldn't
have to have the overhead on "non-secure" file systems.