I've seen Windows do quite a bit of a mess when overwriting a file (ie: it doesn't write in the exact same spot) and there's not a lot you can do about it, but I do have a few suggestions:
(1) Make sure the partition they're saving to does NOT have any kind of "shadow copy" backup thing going on. Since you're talking about laptops this is not likely but if your application happens to run on Windows Server 200X make sure you disable shadow copies. (2) If possible create the text files on a VERY small partition: This way you can "shred" the file using your code and then create a new file that writes junk on the disk until the disk is full. (3) If possible keep the file on disk encrypted. Searching for encrypted blocks of text on disk would be very, very difficult. -- Cosmin Prund > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Rob Cameron > Sent: 12 noiembrie 2007 14:56 > To: [email protected] > Subject: Deleting - and shredding - a file > > In a current project I'm required to detect a text file in a folder, > encrypt it and send it to a recipient. No problem; I'll use LockBox for > the encryption. The files contain health data which may be sensitive > and > after confirming receipt of the data, the files should be deleted from > the folder. The customer has also asked that the files should be > shredded. A professional disk recovery exercise is unlikely, but they > do want to avoid a deleted file being recovered if one of their laptops > is lost or stolen. > > I don't know enough about how Windows handles files: would it be enough > to overwrite the file, maybe something like the code below? This relies > on Windows saving the file(s) in exactly the same locations on disk and > I suspect this will not always be the case. Does anyone know of a > better way, or a component that will shred a file from within a Delphi > app? > > Many thanks for all suggestions, > > Rob > > > procedure OverWriteandDelete(FileName: string; N: integer); > // Overwrite a file N times then delete it > // File2String(FileName) and String2File are taken from "ExeMod" > written > by G.A. Carpenter > // (see below) > var > TempString: string; > k: integer; > C: char; > begin > TempString := File2String(FileName); > > // overwrite the file N times, saving to disk each time > for k := 1 to N do > begin > C := chr(65 + random(50)); > String2File(StringOfChar(C, length(TempString)), FileName); > end; > > // empty the string in memory > ZeroMemory(@TempString, SizeOf(TempString)); > > // delete the file from disk > DeleteFile(FileName); > end; > > // These two methods are taken from "ExeMod" written by G.A. Carpenter: > > //This code can write any string to disk as a file > procedure String2File(String2BeSaved, FileName: string); > var > MyStream: TMemoryStream; > begin > if String2BeSaved = '' then exit; > SetCurrentDir(ExtractFilePath(Application.ExeName)); > MyStream := TMemoryStream.Create; > try > MyStream.WriteBuffer(Pointer(String2BeSaved)^, > Length(String2BeSaved)); > MyStream.SaveToFile(FileName); > finally > MyStream.Free; > end; > end; > > //This code can read any file from disk and into a string: > function File2String(FileName: string): string; > var > MyStream: TFileStream; > MyString: string; > begin > MyStream := TFileStream.Create(FileName, fmOpenRead > or fmShareDenyNone); > try > MyStream.Position := 0; > SetLength(MyString, MyStream.Size); > MyStream.ReadBuffer(Pointer(MyString)^, MyStream.Size); > finally > MyStream.Free; > end; > Result := MyString; > end; > > > > > _______________________________________________ > Delphi mailing list -> [email protected] > http://lists.elists.org/cgi-bin/mailman/listinfo/delphi _______________________________________________ Delphi mailing list -> [email protected] http://lists.elists.org/cgi-bin/mailman/listinfo/delphi
