Need

Secure file deletion

Context

• Usage of Scala for building scalable and high-performance applications
• Usage of java.io.File for file input/output operations
• Usage of java.nio.file.Files for file operations in Java
• Usage of java.nio.file.Paths for working with file paths in Java

Description

Non compliant code

        import java.io.File
import java.nio.file.{Files, Paths}

def deleteFile(fileName: String) {
  val file = new File(fileName)
  if (file.exists()) {
    file.delete()
  }
}
        
        

The above Scala function deleteFile() takes a filename as input and deletes the file if it exists. This function uses the java.io.File class to handle file operations.

The vulnerability here is that the delete() method in the java.io.File class does not securely delete files. When a file is deleted using this method, it is typically moved to the Recycle Bin or Trash of the operating system, or the space it occupied on the disk is simply marked as available for reuse. This means that the file's data remains on the disk and can potentially be recovered using special software.

This is particularly problematic if the deleted files contain sensitive information, such as passwords, personal data, or confidential business information. If an attacker gains access to the system, they could potentially recover these "deleted" files and gain access to this sensitive information.

To fix this vulnerability, files must be securely deleted in a way that their data cannot be recovered. This often involves overwriting the file's data before it is deleted, sometimes multiple times, to ensure that the original data cannot be recovered.

Steps

• Use secure deletion methods to delete files
• Overwrite the file content before deleting it
• Ensure that the file is permanently deleted and not sent to the Recycle Bin
• Implement proper file deletion protocols

Compliant code

        import java.io.{File, FileOutputStream, RandomAccessFile}
import java.nio.file.{Files, Paths}
import java.security.SecureRandom

def secureDeleteFile(fileName: String) {
  val file = new File(fileName)
  if (file.exists()) {
    val randomAccessFile = new RandomAccessFile(file, "rws")
    val secureRandom = new SecureRandom()
    val data = new Array[Byte](1024)
    for(_ <- 1 to 10) { // overwrite file content 10 times
      secureRandom.nextBytes(data)
      randomAccessFile.write(data)
    }
    randomAccessFile.close()
    file.delete()
  }
}
        
        

The above code securely deletes a file in a Scala backend application that uses the Play framework.

The secureDeleteFile function first checks if the file exists. If it does, it creates a RandomAccessFile object for the file with "rws" mode, which allows reading and writing to the file.

A SecureRandom object is then created. This object generates cryptographically strong random numbers.

An array of bytes is created to store the random data. The file content is overwritten 10 times with this random data to ensure that the original data cannot be recovered.

After overwriting the file content, the RandomAccessFile is closed to release the resources associated with it.

Finally, the file is deleted using the delete method of the File class. This method deletes the file immediately, and it does not send the file to the Recycle Bin.

This approach ensures that the file is permanently deleted and that the original content of the file cannot be recovered, thus fixing the vulnerability.

References

• 082. Insecurely deleted files