|
|
Posted by Richard Lynch on 10/04/46 11:08
Matt M. wrote:
>> I have a database that contains encrypted data using Mysql function
>> ENCODE(). Certain users will be allowed to view this data and I will
>> allow
>> them to download a CSV file contain the decrypted data using the Mysql
>> DECODE() function. However I don't want this file to be left on the
>> server,
>> is there a way to ensure that the file is deleted immediately after it
>> has
>> been downloaded?
>
> http://us4.php.net/unlink
PS If the data is REALLY sensitive, you may want to look into command line
tools to actually ERASE the data instead of just doing unlink.
'unlink' only nukes the directory information to find the file. The file
contents still exist, intact, and there are tools to mine un-linked files
to find content.
Hard Drive forensics experts can even manage to retrieve over-written
files based on some very very very expensive/hard analysis of the magentic
fields -- Sort of like reading through scratched out stuff on paper by
holding it up to the light, only a lot more technical and a lot more
expensive... It's unlikely you need to worry about *THAT* though, as I
understand it...
--
Like Music?
http://l-i-e.com/artists.htm
Navigation:
[Reply to this message]
|