Hi, I want to use secure file deletes in my app so that the files are irretrievable after deletion (the files contain personal health information). My hosting service has Wipe installed (http://wipe.sourceforge.net/). I''d really appreciate hearing from anyone who has any experience with doing secure file deletes within a Rails app. Is Wipe the best tool to use? I''ve never used any of the utilities that are out there for this. Thanks, Bill --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Bill Walton wrote:> I want to use secure file deletes in my app so that the files are > irretrievable after deletion (the files contain personal health > information). My hosting service has Wipe installed > (http://wipe.sourceforge.net/). I''d really appreciate hearing from anyone > who has any experience with doing secure file deletes within a Rails app. > Is Wipe the best tool to use? I''ve never used any of the utilities that > are out there for this.Don''t you have ''shred'' from the command line? Would this work? system("shred insecure_file.dat -zu &") Note the command detaches with &, so a slow shred won''t slow down your server''s response. And note that you cannot guarantee security like this; you must start with your server''s physical security. All kinds of artifacts from the information will remain on your hard drive. -- Phlip http://flea.sourceforge.net/PiglegToo_1.html --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Hi Phlip, Phlip wrote:> Don''t you have ''shred'' from the command line? > Would this work? > > system("shred insecure_file.dat -zu &") > > Note the command detaches with &, so a slow > shred won''t slow down your server''s response.Thanks for the note on ''&''. I just checked and shred is available, but I didn''t know about the detach option. I''ve been looking for something asynchronous to avoid a negative impact to the visitor experience. I was also hoping for something that was more integral to the file system. Do you have any experience with srm? (http://srm.sourceforge.net/ )> And note that you cannot guarantee security like this; > you must start with your server''s physical security. > All kinds of artifacts from the information will remain > on your hard drive.This is my first ''dive'' into this and, yeah, it''s pretty complicated. Looks like I need to know, at a minimum, the type of devices in use, the setup of the devices wrt RAID, and the file system in use. I''m beginning to wonder if my goals are achievable on an VPS setup. Any experience / opinions much appreciated. Best regards, Bill --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---