Secure removal using PHP 5.3.x

Question

Secure removal using PHP 5.3.x

Does anyone know a good PHP solution to remove or improve file deletion from a Linux system?

Scenario: The file is encrypted and saved when a download is requested, the file is copied to a temporary folder and decrypted. This is already working.

But how to delete a file from a temporary location after sending it to the user?

In my opinion, I have the following options:

Open the file through "fopen" and write 0.1 in it (think very slowly)
Save the file to Memcache instead of the hard drive (there may be a problem with my hoster)
Use the somd 3rd pary tool on the command line or as a cronjob (there may be a problem to install)

Purpose: to delete a file from the hard drive without the possibility of recovery (erase / overwrite)

+6

linux php

opHASnoNAME Jun 13 '12 at 9:20

source share

2 answers

Perhaps it’s best to never save the file in decrypted state.

Rather, use stream filters to decrypt it on the fly and send it directly to the end user.

Update

Your option 1 is actually not that bad if you consider this code:

$filename = 'path/to/file'; $size = filesize($filename); $src = fopen('/dev/zero', 'rb'); $dest = fopen('/path/to/file', 'wb'); stream_copy_to_stream($src, $dest, $size); fclose($src); fclose($dest);

You can also choose /dev/urandom , but that will be slow.

+5

Ja͢ck Jun 13 '12 at 9:26

source share

breiti · Accepted Answer · 2012-06-13T09:22:56+0000

Call shred via exec / system / passthru

Secure removal using PHP 5.3.x

More articles: