Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

Permanent file deletion - sensitive data

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users Permanent file deletion - sensitive data
# 1  
Old 06-20-2007
Error Permanent file deletion - sensitive data
All,

I'm hoping someone can help fill me in on this one.
Smilie
I work with bank data deemed "sensitive" and, once processed, need to figure out a way to overwrite the files with enough garbage data in order to prevent someone from being able to recover any of the data from the disk. I know a simple rm won't do the trick, as that only removes the pointer to the data. Any help is appreciated.

Thanks,
Pete
# 2  
Old 06-20-2007
Will this do for you:
Code:
tail your_file > your_file

# 3  
Old 06-20-2007
Thanks Shelf-Life,

That seemed way too easy, but I tried it out and it appears to work. I have a feeling that PCI standards won't accept that as adequate enough though.

PCI - for those of you unfamiliar with it - is a Visa/MasterCard set of rules to protect credit card account numbers from theft. So while the solution offered does work, I need to be assured that the data could not be recovered by anyone (except for the NSA of course Smilie). Any more ideas to throw into the fray?

Thanks,
Pete
# 4  
Old 06-20-2007
Pete, if you do not want to empty the file, the other solution is to
change/encrypt the data.
# 5  
Old 06-20-2007
Here's what my process looks like:

1 - I receive a PGP encrypted file to server A.

2 - I make a call to a key store on another server (server B) to pick up the private key needed to perform the decryption on server A.

3 - I decrypt the file, and run an encryption routine on the account number portion of the decrypted file. I may encrypt the entire file, though not sure yet.

4 - I send the protected file off to its destination server (server C).

5 - I now need to permanently delete (ensure the data cannot be recovered from the disk utilizing any software or hardware scanning device) the private key picked up from step 2 in addition to the decrypted file from step 3.

I hope you can see where my pain is, and I'm not sure if you're tail command would sufficiently protect the information. Can you confirm?
# 6  
Old 06-20-2007
There are command line utilties like GNU shred which can be installed and are free. It works well.

A problem arises when the file is on a RAID, or when the filesystem does not perform update in place -- a journaled or log structured fs for example. Then you have a wholly different problem. Then - none of these kind of programs work well.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Post Here to Contact Site Administrators and Moderators

Please remove sensitive data

Hi Kindly remove the following from the post . These are confidential info posted by mistake https://www.unix.com/shell-programming-and-scripting/201037-perl-while-loop-each.html please remove the comments section which is first 16 lines in the perl script . Also please remove the ... (1 Reply)
Discussion started by: ptappeta
1 Replies

2. Post Here to Contact Site Administrators and Moderators

Remove sensitive data

Hi Sir, please remove following terms from post as it is sensitive data https://www.unix.com/shell-programming-and-scripting/235655-print-single-line.html ifeeds fidedev ironsides feedmgr thanks a lot prabhu (1 Reply)
Discussion started by: ptappeta
1 Replies

3. Post Here to Contact Site Administrators and Moderators

Please remove the sensitive data from post

Hi Sir , Please remove the following code from the post https://www.unix.com/unix-for-advanced-and-expert-users/210081-ftp-issue.html thanks Prabhu (7 Replies)
Discussion started by: ptappeta
7 Replies

4. Post Here to Contact Site Administrators and Moderators

Please remove sensitive data from post

HI Sir , please remove the sensitive data from the post https://www.unix.com/unix-for-advanced-and-expert-users/200219-ssh-issue.html please blank the following terms /home/infafi/Informatica/PowerCenter8.1.1/server/bin iminfu01uat ... (4 Replies)
Discussion started by: ptappeta
4 Replies

5. Post Here to Contact Site Administrators and Moderators

Remove post with sensitive data

Hello, Can you please delete or modify a post that contains sensitive data. I can't post full links, here's the end of the link: shell-programming-and-scripting/94965-help-shell-scripting-modify-user-creation-script-oracle-database.html It's got a lot of data that should never be posted on... (2 Replies)
Discussion started by: JonHeller
2 Replies

6. UNIX for Dummies Questions & Answers

Permanent file permissions within a directory

Hi All, I have an ftp process that is connecting to a Solaris server and pushing files into a directory. The default file permissions are rw-r--r-- . I want the file permissions to be rw-rw-r--. How can I configure the directory so any file created there will have the permissions... (6 Replies)
Discussion started by: rob4732
6 Replies

7. UNIX for Dummies Questions & Answers

permanent change in file

Hi! i want to replace ; by ok in a file as below test1(filename) containt:- Hi i am kaushlesh; i am new to Unix. i want permanent change in the file like below:- Hi i am kaushlesh ok i am new to unix How i will complite this..? (2 Replies)
Discussion started by: kaushelsh168
2 Replies

8. Shell Programming and Scripting

making the changes permanent in a file

Hi Friends. I have a file called install.data which has fields like : XXXXX ACVCGFFTFY UAHIUH OI CONNECTION=tape/11/ LOCATAION=08-90-89 SIZE=90 I had to change the values of some of these variables. So i did : grep "SIZE" instal.data | sed 's/*/00/' ...this is working fine on command... (4 Replies)
Discussion started by: vijaya2006
4 Replies

9. Solaris

Deletion of Data from Lost+Found Directory

Hie I am running a sun solaris server of about 300 gigabytes disk capacity. The problem is that the machine has been having problems over the past year and at times the machine would just freeze or hang and had to be re-booted. Consequently there are too many entries in the lost+found... (1 Reply)
Discussion started by: Ranganai
1 Replies

10. Shell Programming and Scripting

Implications of setting sensitive data in ENV

Hello people, In shell scripts if some sensitive data is set into the env so that it is available to other scripts called within those scripts -- Are there are security implications ? -- I believe the scope of those environment variables ends with the execution of the script. -- I see that... (4 Replies)
Discussion started by: tipsy
4 Replies
Login or Register to Ask a Question