Wiping temporary files for security -


i working on application displays data database. right working on set of modules generate html page, including both text , images, display in web browser (built program msie), , gives user option print it.

in destructors of these classes have instructions delete temporary files created, may contain official use information.

over weekend got thinking should first overwrite data 0's (or other bytes) , delete them.

i've heard patterns of bytes used in file wiping , single pass may not enough, yet can't think of reason why. i've done research , read on wikipedia, , seems single pass going work well.

also, adding "no-cache" meta-tag in html sufficient assure msie doesn't copy data own cache directory?

there 2 programs know on unix systems. have check out if available on windows, either native or cygwin or that, or maybe may find them useful study how it.

  1. srm available on sourceforge
  2. shred - part of gnu coreutils

both of them use gutmann method of writing series of patterns on data. see secure deletion of data magnetic , solid-state memory paper peter gutmann explanation of idea. see srm manpage shred manpage introduction on how work user's point of view.


Comments

Post a Comment

Popular posts from this blog

apache - Add omitted ? to URLs -

i working on website cms reads page name of query string, e.g. http://exmaple.com/?pagename . trying create rewrite rule rewrite ? . so, user types in /pagename , taken /?pagename try this: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^/?(.*) index.php?$1 [l]
Read more

redirect - bbPress Forum - rewrite to wwww.mysite prohibits login -

i using bbpress installation without wordpress integration. the redirect of rewriteengine @ forum site works: rewriteengine on rewritecond %{http_host} ^forum.mysite.com$ rewriterule (.*)$ http://www.forum.mysite.com/$1 [r=301,l] the problem login pppress. bbpress login not recognize: http://www.forum.mysite/bb-login.php . it redirects to: http://forum.mysite.com/bb-login.php . i tried permalink settings none , name based, same issue. does uses redirect in bbpress or how can eliminate "double" content , redirect permanently www.? i redirected www.forum.mysite.com forum.mysite.com , achieved eliminate "double" content.
Read more

php - How can I stop spam on my custom forum/blog? -

so have custom built forum & blog system of late has been dealing lot of spam. if wordpress use akismet, if different common platform i'm sure i'd find plugin. there kind of static class can download this? using php. i'd still go akismet, if it. uses outside of wordpress, may have pay fee it, depending on use -- check terms , conditions -- it's option , easy implement in php using api. use api key wordpress. com account access. basically, grab whichever php client library takes fancy -- use alex potsides' php5 library -- plug in key, , it's handful of lines of code. here's bare bones of validation straight 1 of live sites: ... if ($akismet) { $akismet->setcommentauthor($name); $akismet->setcommentauthoremail($session->userinfo["email"]); $akismet->setcommentauthorurl(""); $akismet->setcommentcontent($sentence);...
Read more