cx_freeze and temporary files - security related question
William Ray Wing
wrw at mac.com
Sun Jul 6 21:04:12 CEST 2014
On Jul 6, 2014, at 9:21 AM, Richard Damon <Richard at Damon-Family.org> wrote:
> On 5/21/14, 12:42 PM, Nagy László Zsolt wrote:
>> I need to create an application for Windows 7 that runs from a flash
>> drive. This program would be used to create remote backups of the
>> pendrive. The pendrive contains sensitive data, so when I plug in the
>> pendrive and run the program to make a backup, it should not leave any
>> trace of operation on the windows system. The information is so
>> sensitive that I was forbidden to use cloud storage. I was also
>> forbidden to make backups to a local drive, or leave any trace on the
>> host windows system.
>> The question is this: if I create this program with Python 3.4 and
>> cx_Freeze, then what should I expect. When the user starts the
>> cx_freeze-d program from the flash drive, will it create temporary files
>> on the system drive? Will it leave log files or store any permanent or
>> temporary data on the system drive (maybe in the user's tmp folder) that
>> can later be used to tell what drive was mounted, with what parameters
>> the program was started etc.
> I am not sure about what temp files python might leave around, but if you are being ultimately paranoid about this, one risk that will be present is the possibility of leaving traces of data in the swap file. If the program doesn't specifically prohibit it, anything that is brought into memory (and the act of reading the pendrive will do this) might end up in the swap file.
> I can't imagine python having a run time option to force it to disable the swap file.
> If the data is as sensitive as they seem to want to treat it, perhaps you should follow the procedures of classified computing, which says that any storage medium "exposed" to classified computing becomes classified. This would say that you would use a dedicated machine to do these backups, and after doing them, you remove the hard disk from the machine and lock it up, only to be taken out for later backups. This level of paranoia says you don't need to be as concerned about figuring out what traces might be left, you assume they are and lock them up.
Furthermore, I don’t know about Windows, but on many UNIX-like OSs, the file system preserves the time the file was last accessed. If the goal is truly to leave no traces of the fact that the a group of files was backed up, this pretty well would be a red flag that they had been.
More information about the Python-list