lucene-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steven Schlansker <ste...@likeness.com>
Subject Re: In memory index (current status in Lucene)
Date Mon, 01 Jul 2013 21:55:40 GMT

On Jul 1, 2013, at 2:41 PM, Lance Norskog <goksron@gmail.com> wrote:

> My current open source project is a Directory that is just like RAMDirectory, but everything
is memory-mapped. The idea is it creates a disk file, opens it, and immediately deletes the
file. The file still exists until the IndexReader/Writer/Searcher closes it. But, it cannot
be found from the file system. This is just like a RAMDirectory, but without memory limitations.
> 
> It's proving to be harder than it looked.
> 
> The application is to store encrypted indexes in memory, with the decrypted contents
in this non-findable format. I'm in medical document analysis now, and we can't store anything
on disk in the clear.

I'm worried that this might not actually be secure.  It certainly would be hard to find the
data if the file is deleted in this way, but there are multiple ways to expose this confidential
information (e.g. fsck reattaching the inode if it is lost, or directly by executing "ln /proc/<pid>/fd/<fdno>
/recovered-file" or other such trickery.

I would not trust this approach to keep the data secure, especially if there are potential
lawsuits involved.

Best,
Steven


---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@lucene.apache.org
For additional commands, e-mail: java-user-help@lucene.apache.org


Mime
View raw message