I don't know if tMemoryStream.SaveToFile will overwrite the existing file (should be OK) or create a new file and rename the old one (not OK). Below is a thread discussing this. Depending on the level of security you need, you can overwrite once (good enough for anyone who tries to read your hard disk via software) or 3 times with different patterns (in case you're afraid someone will extract your hard disk platters and use special hardware to try to recover the deleted data; I don't believe HIPAA requires this, but I haven't read the fine print :-) ).
http://groups.google.com/group/borland.public.delphi.objectpascal/browse_thread/thread/3ec29ee113bd34fa/bab49ebf426f58d9%23bab49ebf426f58d9 At 05:55 AM 11/12/2007, Rob Cameron wrote: >In a current project I'm required to detect a text file in a folder, >encrypt it and send it to a recipient. No problem; I'll use LockBox for >the encryption. The files contain health data which may be sensitive and >after confirming receipt of the data, the files should be deleted from >the folder. The customer has also asked that the files should be >shredded. A professional disk recovery exercise is unlikely, but they >do want to avoid a deleted file being recovered if one of their laptops >is lost or stolen. > >I don't know enough about how Windows handles files: would it be enough >to overwrite the file, maybe something like the code below? This relies >on Windows saving the file(s) in exactly the same locations on disk and >I suspect this will not always be the case. Does anyone know of a >better way, or a component that will shred a file from within a Delphi app? > >Many thanks for all suggestions, > >Rob > > >procedure OverWriteandDelete(FileName: string; N: integer); >// Overwrite a file N times then delete it >// File2String(FileName) and String2File are taken from "ExeMod" written >by G.A. Carpenter >// (see below) >var > TempString: string; > k: integer; >C: char; >begin > TempString := File2String(FileName); > > // overwrite the file N times, saving to disk each time > for k := 1 to N do > begin > C := chr(65 + random(50)); > String2File(StringOfChar(C, length(TempString)), FileName); > end; > > // empty the string in memory > ZeroMemory(@TempString, SizeOf(TempString)); > > // delete the file from disk > DeleteFile(FileName); >end; > >// These two methods are taken from "ExeMod" written by G.A. Carpenter: > >//This code can write any string to disk as a file >procedure String2File(String2BeSaved, FileName: string); >var > MyStream: TMemoryStream; >begin > if String2BeSaved = '' then exit; > SetCurrentDir(ExtractFilePath(Application.ExeName)); > MyStream := TMemoryStream.Create; > try > MyStream.WriteBuffer(Pointer(String2BeSaved)^, Length(String2BeSaved)); > MyStream.SaveToFile(FileName); > finally > MyStream.Free; > end; >end; > >//This code can read any file from disk and into a string: >function File2String(FileName: string): string; >var > MyStream: TFileStream; > MyString: string; >begin > MyStream := TFileStream.Create(FileName, fmOpenRead > or fmShareDenyNone); > try > MyStream.Position := 0; > SetLength(MyString, MyStream.Size); > MyStream.ReadBuffer(Pointer(MyString)^, MyStream.Size); > finally > MyStream.Free; > end; > Result := MyString; >end; >_______________________________________________ >Delphi mailing list -> [email protected] >http://lists.elists.org/cgi-bin/mailman/listinfo/delphi Regards, Sid Gudes PIA Systems Corporation [EMAIL PROTECTED] _______________________________________________ Delphi mailing list -> [email protected] http://lists.elists.org/cgi-bin/mailman/listinfo/delphi
