是否可以覆盖 java 中的文件以使其无法恢复?
Is it possible to overwrite a file in java so it cannot be recoverd?
我正在编写一个加密文件的加密程序。
我希望加密后的内容会替换原来的内容,这样就无法被恢复程序恢复(即使用与原来内容相同的内存地址)。
假设加密内容与原始内容大小相同。
我猜 File.renameTo() 不会成功,因为它与平台无关,所以有点不可预测。
请原谅我没有发布我的完整代码(呃!)但我使用 Buffered Input/OutputStream 来 read/write 数据。
在某些情况下(在某些操作系统上,在某些文件系统上,有一些挂载选项)RandomAccessFile 会让你做你想做的事。还要考虑如何将敏感数据保持在 Java 堆之外...例如,避免使用 String 作为从未加密文件构造的对象的一部分,然后写入加密文件。但是,在其他情况下,您的提议根本不可能。正如 GNU shred、
的联机帮助页中所述
CAUTION: Note that shred relies on a very important assumption: that
the file system overwrites data in place. This is the traditional way
to do things, but many modern file system designs do not satisfy this
assumption. The following are examples of file systems on which shred
is not effective, or is not guaranteed to be effective in all file system modes:
- log-structured or journaled file systems, such as those supplied with
AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
- file systems that write redundant data and carry on even if some
writes fail, such as RAID-based file systems
- file systems that make snapshots, such as Network Appliance’s NFS
server
- file systems that cache in temporary locations, such as NFS version 3
clients
- compressed file systems
我正在编写一个加密文件的加密程序。
我希望加密后的内容会替换原来的内容,这样就无法被恢复程序恢复(即使用与原来内容相同的内存地址)。
假设加密内容与原始内容大小相同。
我猜 File.renameTo() 不会成功,因为它与平台无关,所以有点不可预测。
请原谅我没有发布我的完整代码(呃!)但我使用 Buffered Input/OutputStream 来 read/write 数据。
在某些情况下(在某些操作系统上,在某些文件系统上,有一些挂载选项)RandomAccessFile 会让你做你想做的事。还要考虑如何将敏感数据保持在 Java 堆之外...例如,避免使用 String 作为从未加密文件构造的对象的一部分,然后写入加密文件。但是,在其他情况下,您的提议根本不可能。正如 GNU shred、
CAUTION: Note that shred relies on a very important assumption: that the file system overwrites data in place. This is the traditional way to do things, but many modern file system designs do not satisfy this assumption. The following are examples of file systems on which shred is not effective, or is not guaranteed to be effective in all file system modes:
- log-structured or journaled file systems, such as those supplied with AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
- file systems that write redundant data and carry on even if some writes fail, such as RAID-based file systems
- file systems that make snapshots, such as Network Appliance’s NFS server
- file systems that cache in temporary locations, such as NFS version 3 clients
- compressed file systems