On 5/21/14, 12:42 PM, Nagy László Zsolt wrote:
I need to create an application for Windows 7 that runs from a flash
drive. This program would be used to create remote backups of the
pendrive. The pendrive contains sensitive data, so when I plug in the
pendrive and run the program to make a backup, it should not leave any
trace of operation on the windows system. The information is so
sensitive that I was forbidden to use cloud storage. I was also
forbidden to make backups to a local drive, or leave any trace on the
host windows system.
The question is this: if I create this program with Python 3.4 and
cx_Freeze, then what should I expect. When the user starts the
cx_freeze-d program from the flash drive, will it create temporary files
on the system drive? Will it leave log files or store any permanent or
temporary data on the system drive (maybe in the user's tmp folder) that
can later be used to tell what drive was mounted, with what parameters
the program was started etc.
I am not sure about what temp files python might leave around, but if
you are being ultimately paranoid about this, one risk that will be
present is the possibility of leaving traces of data in the swap file.
If the program doesn't specifically prohibit it, anything that is
brought into memory (and the act of reading the pendrive will do this)
might end up in the swap file.
I can't imagine python having a run time option to force it to disable
the swap file.
If the data is as sensitive as they seem to want to treat it, perhaps
you should follow the procedures of classified computing, which says
that any storage medium "exposed" to classified computing becomes
classified. This would say that you would use a dedicated machine to do
these backups, and after doing them, you remove the hard disk from the
machine and lock it up, only to be taken out for later backups. This
level of paranoia says you don't need to be as concerned about figuring
out what traces might be left, you assume they are and lock them up.