P5
A DESCRIPTION OF THE REQUEST :
I would like to request that a secure delete or removal method be added for file objects in java.io or java.security, that would overwrite a file to DOD 5220.22-M clearance standards, by default at least seven times. This would make an excellent addition to your already very strong reputation for security, and allow developers to securely remove files that
may have needed to be created or read during a secure process.
JUSTIFICATION :
From what I've seen, Java doesn't allow direct access to memory locations such as C or C++, which makes it extremely difficult to to overwrite files to DOD 5220.22-M standards, which requires that you overwrite the memory location with a character, then a random character, then verify and proceed.
I'm sure (hoping) with the large amount of source available that has this feature it shouldn't be too complex to add.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
I would like to be able to use fileObject.secureDelete(int passes) or fileObject.secureRemove(int passes) with passes being the number of times the file is overwritten with psuedo-random data.
---------- BEGIN SOURCE ----------
// I would like to be able to do:
import java.io.*;
// or import java.security.*;
public static void main(String[] args) {
String mypath = args[1];
File myfile = new File(mypath);
myfile.secureDelete(7);
System.out.println("Done.");
}
---------- END SOURCE ----------
I would like to request that a secure delete or removal method be added for file objects in java.io or java.security, that would overwrite a file to DOD 5220.22-M clearance standards, by default at least seven times. This would make an excellent addition to your already very strong reputation for security, and allow developers to securely remove files that
may have needed to be created or read during a secure process.
JUSTIFICATION :
From what I've seen, Java doesn't allow direct access to memory locations such as C or C++, which makes it extremely difficult to to overwrite files to DOD 5220.22-M standards, which requires that you overwrite the memory location with a character, then a random character, then verify and proceed.
I'm sure (hoping) with the large amount of source available that has this feature it shouldn't be too complex to add.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
I would like to be able to use fileObject.secureDelete(int passes) or fileObject.secureRemove(int passes) with passes being the number of times the file is overwritten with psuedo-random data.
---------- BEGIN SOURCE ----------
// I would like to be able to do:
import java.io.*;
// or import java.security.*;
public static void main(String[] args) {
String mypath = args[1];
File myfile = new File(mypath);
myfile.secureDelete(7);
System.out.println("Done.");
}
---------- END SOURCE ----------