问题描述
我想使用PHP删除文件.我已经使用过unlink()函数,但是我想知道unlink的安全性.文件是否已从服务器中完全删除?我想确保没有办法取回文件,并且文件已从服务器中完全删除.
I want to delete a file by using PHP. I have used the unlink() function, but I was wondering about the security of unlink. Is the file completely deleted from the server? I want to make sure that there is no way to get the file back and the file is completely removed from the server.
推荐答案
以二进制模式打开文件以进行写入,在整个文件中写入1,关闭文件,然后取消链接.覆盖文件中的所有数据,因此无法恢复.
open the file in binary mode for writing, write 1's over the entire file, close the file, and then unlink it. overwrites any data within the file so it cannot be recovered.
我个人会说使用1而不是0,因为1是实际数据,并且将始终写入,而0可能不会写入,具体取决于多个因素.
Personally i would say use 1's instead of 0's as 1's are actual data and will always write, where as 0's may not write, depending on several factors.
经过一番思考,然后阅读评论,我将采用一种混合方法,取决于您希望文件的如何删除",如果您只是想这样做的话.无法恢复数据,因为这样很快会覆盖整个文件的长度,所以用1来代替它会破坏数据,这是问题所在,因为它在磁盘上留下了一定长度的统一数据,从而推断出文件用过并给出了消除文件长度,提供重要的法医信息.简单地写入随机数据也不会避免这种情况,因为即使该文件周围的所有驱动器扇区都未触及,也会留下法医痕迹.
After some thought, and reading of comments, i would go with a hybrid approach, depending on "how deleted" you want the file to be, if you simply wish to make it so the data cannot be recovered, overwrite the entire files length with 1's as this is fast, and destroys the data, the problem with this, is it leaves a set length of uniform data on the disk which infers a file USED to be there and gives away the files length, giving vital pieces of forensic information. Simply writing random data will not avoid this also, as if all the drive sectors around this file are untouched, this will also leave a forensic trace.
法医删除,混淆和合理的可否认性的最佳解决方案(同样,这是过大的,但是我为了添加而添加它),用1覆盖文件的整个长度然后,对于半个文件的长度(以字节为单位),从mt_rand以随机长度大小,从随机起始点开始写入,给人的印象是许多不同长度的文件曾经在该区域中,因此产生了错误的痕迹. (再次,这完全是多余的,通常只有连环杀手和中央情报局才需要,但我为此添加了它.)
The best solution factoring in forensic deletion, obfuscation and plausible deniability (again, this is overkill, but im adding it for the sake of adding it), overwrite the entire length of the file with 1's and then, for HALF the length of the file in bytes, write from mt_rand in random length sizes, from random starting points, leaving the impression that many files of varying lengths used to be in this area, thus creating a false trail. (again, this is completely overkill and is generally only needed by serial killers and the CIA, but im adding it for the sake of doing so).
这篇关于从服务器完全删除文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!