All geek questions in one place

How to clean files that are decrypted at runtime are cleared?

Using C or C ++ after decrypting a file to disk - how can I guarantee that it will be deleted if the application crashes or the system shuts down and cannot clean it correctly? Using C or C ++ on Windows and Linux?

+3
source share
13 answers

Do not write the file decrypted to disk at all.

If the system is disconnected, the file is still on the disk; the disk may have access to the file.

An exception is the use of an encrypted file system, but this does not control your program.

+5
source

, 100% , . , , , . () .

, , . , , .

, , , , . , .

, . . , , .

+7

:

, , .

: :

, .

__ try __except

, ?:

...

Windows, MoveFileEx MOVEFILE_DELAY_UNTIL_REBOOT NULL, . . , ( , FILE_SHARE_READ, CreateFile, ). , .

: , :

  • , MAX_PATH, \\? \. , Windows.

+4

, Windows, Linux, , , , unlink() . , , , ​​ .

, , , , . , (?). , , .

+4

C ( , ++), , atexit() . _exit() _exit(), atexit().

, , , . unlink() ( ) ; . .

+2

. - , . , .

hearth-beats ( , , ) , , , .

, , , .

, , /swap-. Posix Systems m(un)lock* family of functions.

+1

tmpfile().

BSD UNIX, , .
, .

( ) .
, .

, .
, , Google .

+1

. . ( ), . .

- , 6, 8,24 , , . , - . , . , , . .

, , . .

.

+1

++ RAII:

class Clean_Up_File {
    std::string filename_;
    public Clean_Up_File(std::string filename) { ... } //open/create file
    public ~Clean_Up_File() { ... } //delete file
}

int main()
{
    Clean_Up_File file_will_be_deleted_on_program_exit("my_file.txt");
}

RAII . ( , , ). ScopeGuard .

, , "" . , , . , ( UNIX " grep harddrive" ).

, , , (, std::exit(int) , ), RAII . std::exit(int), ( , " " ), main() ( " " ). IIRC, SIGKILL , SIGKILL , .

+1

. , , . , .

, , Windows Linux , , , ; .

, . , . , ( Christian Slater, My Own Worst Enemy), , , , , )

0

Linux/Unix, unlink, . , .

, , - , .

, , .

0

, . -, , Live CD Linux , . , , , .

, , . , , , , , , (, ).

, , , , , . , , . , .. , : .

, , RAM , . , , ( ) .

: .

0

, , , , , - , . :

, , , , . , , , , .

Basically, it will encrypt blocks of the file at a time, so if I try to find a specific point, it will decrypt this block for reading. When I read the last block, it decrypts the next block and frees the previous one (in the crypt stream).

This implementation does not require me to decrypt the file or memory and is compatible with other users and stream providers (fstream).

This is my "plan." I have not done this kind of work with fstream before, and I will most likely post a question as soon as I am ready to work on it.

Thanks for all the other answers - it was very informative.

0
source

Source: https://habr.com/ru/post/1699363/

More articles:


All Articles