On Jul 1, 2013, at 2:41 PM, Lance Norskog <goks...@gmail.com> wrote:
> My current open source project is a Directory that is just like RAMDirectory, > but everything is memory-mapped. The idea is it creates a disk file, opens > it, and immediately deletes the file. The file still exists until the > IndexReader/Writer/Searcher closes it. But, it cannot be found from the file > system. This is just like a RAMDirectory, but without memory limitations. > > It's proving to be harder than it looked. > > The application is to store encrypted indexes in memory, with the decrypted > contents in this non-findable format. I'm in medical document analysis now, > and we can't store anything on disk in the clear. I'm worried that this might not actually be secure. It certainly would be hard to find the data if the file is deleted in this way, but there are multiple ways to expose this confidential information (e.g. fsck reattaching the inode if it is lost, or directly by executing "ln /proc/<pid>/fd/<fdno> /recovered-file" or other such trickery. I would not trust this approach to keep the data secure, especially if there are potential lawsuits involved. Best, Steven --------------------------------------------------------------------- To unsubscribe, e-mail: java-user-unsubscr...@lucene.apache.org For additional commands, e-mail: java-user-h...@lucene.apache.org
