我想通过将零写入其物理区域来制作文件脱粒器以完全删除文件.
文件可以存储在硬盘驱动器中,而不是总是存储在整个块中.
当我说物理区域.我指的是文件存储的物理部分,或者我可以执行“写零”的那些部分的任何引用.
更好的C#.
解决方法:
不幸的是,即使您正在编写内核模式驱动程序,这在C#中也不是完全可能的,在C/C++中也是如此.
Shredding an individual file properly assumes its location can be completely known, but basically it can only be known in one ideal case.The ideal case has three characteristics:
- The file size has never shrunk because of editing. Imagine starting with a 3MB spreadsheet, editing it down to 1MB (using the spreadsheet application), and asking the cleaner application to delete the 1MB version: the cleaner has no way of knowing where the missing 2MB was allocated on the physical hard drive. (Remember: file systems often don’t store files continuously, so you can’t assume the missing part was directly after the known part.)
- The file never moved. Imagine the spreadsheet software saves the document by writing a new copy to a temporary file, deleting the old copy, and renaming the temporary file to the original name. In this case, the cleaner application has no way of knowing where any of the old spreadsheet was located.
- The file system overwrites files to the same place. This is a good assumption. On Windows NTFS and on Linux the most common ext3 configuration (which is the default on Ubuntu 9.10 and other Linux distributions) overwrite files in the same place, but transparent disk compression, encryption, and sparse files may not overwrite files in place.
此外:当现代硬盘驱动器的某个区域损坏时,它会自动将坏扇区重新映射到备用区域.这些操作由驱动器的固件决定,操作系统和应用程序都不知道移动,因此擦除驱动器会忽略损坏的区域.
话虽如此,有可能(尽管不容易)找出文件当前占用的驱动器的哪些扇区.但是,这要求您的应用程序(至少部分地)了解所使用的文件系统以及该文件系统如何在底层介质上存储文件.
最后,问题仍然是通过识别文件所占用的所有扇区并将其填充为0而不是仅仅执行来获得额外的安全性
using(var fs = new System.IO.FileStream(@"m:\delme.zip",
FileMode.Open,
FileAccess.Write,
FileShare.None))
{
var zeros = new byte[fs.Length];
fs.Write(zeros, 0, zeros.Length);
}