Secure Erase of files stored on file server

Hi there
Not sure if this is the right forum for this, but here goes...
I have client machines set up for 'Secure Empty Trash', but is there a way I can ensure the same erase 'level' of files that are deleted from the file server (running OSX Server 10.5)? Currently when files stored on the server are dragged to the trash a message pops up saying that they will be deleted immediately, but is there any way to set these to be deleted 'securely' like the desktop machines?
Thanks

If your server is sufficiently breached, you're toast.
As for options and considerations...
There's a free-space erasure within Disk Utility. (I'd be paranoid around running any of this stuff near my not-erased data, but that's another discussion.)
There are encrypted partitions, and various software-based encryption schemes.
Removable locked storage can be a possibility here, but that only works if the disk with the sensitive data doesn't eventually end up co-resident on the breached server.
There are encrypting disk drives around. WinMagic was one of the few solutions that tied into full-disk hardware encryption on Mac, though there are potentially others around.
There are outboard hardware controllers, but they're probably out of your price range.
If your server is hacked by a sufficiently determined attacker, then only something like per-file file-based encryption might help, and only if the attacker can't capture the decryption keys for the individual files. Which is why various organizations will partition critical servers physically offline, or will create trusted (sub)networks; configurations entirely disconnected from all other networks.
(There really isn't a good perimeter these days. There are attacks via authorized clients connecting via VPN or web sites that seek to back-connect from clients out through your firewall, or compromised clients on your LAN, or spearfishing, can cause mayhem. All sorts of ugly.)
Security is like insurance. You probably want some of that, and not too little of it and definitely not too much security. And you can spend an infinite amount on it and one sufficiently egregious mistake can still invalidate your whole scheme.
If this is a legal or procedural requirement, I'd suggest discussing this with somebody that knows FIPS-140 or HIPAA or whatever particular requirements you're dealing with here, and security, and Mac OS X.

Similar Messages

  • Hyperlink to a file stored on a server

    Hi guys,
    I've created dynamic pdf in LCD. It allows creating hyperlinks, but unfortunately only to web locations. I'd like to create a link that connects to a file stored on a server based on the DFS file system.
    Is it possible to do something like that? It has to work with Adobe Reader.
    Thanks for your help.
    Marian

    I believe the access to the file system is blocked for security reasons.
    Paul

  • Create a Document with an original file stored on application server

    Hello,
    I start with document managment system : i am able to create new document (CV01N) manually, add a local file and check-in this file.
    Now we need to store file which are stored on the SAP Application Server.
    Firstly, in the GUI of transaction CV01N, i don't know how to browse file on application server. All files i can't attach as original, are files i can access from my computer.
    Is it possible to access also on application server files ?
    Moreover, i have to define function module which have to
    - Create a document (DMS)
    - Attach an orginial file which is stored on application server
    - Check-in the file
    This function module will be called from a web application
    I define this kind of function and run it correctly with a local file (stored on my computer) : i call BAPI "BAPI_DOCUMENT_CREATE2" and "BAPI_DOCUMENT_CHECKIN2"
    But i don't how to do with a file stored on application server. I see also note 504692 and try a program like ZZUZTEST_TEST_CHECKIN which use FM CVAPI_DOC_CHECKIN but it return an error Error uploading  E:\usr\sap\TD1\DVEBMGS00\data\FACTURE.txt" (this path and file exist on application server and is really the file i want to checkin)
    Please could you confirm what i search, is possible or not.
    If possible, could help me with some explanations and guidelines and perhaps a sample ?
    Thank you very much.
    Regards,
    Eric
    The function used
    FUNCTION Z_TEST_CHECKIN.
    Checkin the first original of a document info record *
    from the application server and/or in the background *
      data   : w_host like BAPI_DOC_AUX-HOSTNAME.
      data: lf_line(255).
      data: ls_draw like DRAW,
            ls_message_cvapi like messages,
            lt_files_cvapi type standard table of CVAPI_DOC_FILE,
            lt_files_cvapi_header like CVAPI_DOC_FILE.
      data: lt_originals LIKE cvapi_doc_file OCCURS 0 WITH HEADER LINE,
            vo_originals LIKE cvapi_doc_file OCCURS 0 WITH HEADER LINE.
      ls_draw-dokar = 'ZFT'.
      ls_Draw-doknr = '0000000000000004500000032'.
      ls_Draw-dokvr = '00'.
      ls_Draw-doktl = '000'.
    Read Originals contained in the document info record
      CALL FUNCTION 'CVAPI_DOC_GETDETAIL'
        EXPORTING
          pf_batchmode    = 'X'
          pf_hostname     = ' '
          pf_dokar        = ls_draw-dokar
          pf_doknr        = ls_draw-doknr
          pf_dokvr        = ls_draw-dokvr
          pf_doktl        = ls_draw-doktl
          pf_active_files = 'X'
        IMPORTING
          psx_draw        = ls_draw
        TABLES
          pt_files        = vo_originals
        EXCEPTIONS
          not_found       = 1
          no_auth         = 2
          error           = 3
          OTHERS          = 4.
      IF sy-subrc <> 0.
        WRITE 'Error returned by CVAPI_DOC_GETDETAIL'.          "#EC NOTEXT
        EXIT.
      ENDIF.
    Check if we can really access the file from the application server
      read table vo_originals index 1.
      open dataset vo_originals-filename for input in text mode ENCODING DEFAULT.
      if not sy-subrc is initial.
        message e500(26) with vo_originals-filename 'not found'.
      endif.
      read dataset vo_originals-filename into lf_line.
      if not sy-subrc is initial.
        message e500(26) with vo_originals-filename 'read error'.
      endif.
      lt_originals             = vo_originals.
      lt_originals-STORAGE_CAT = 'SAP-SYSTEM'.
      append lt_originals.
      w_host = sy-host.
      CALL FUNCTION 'CVAPI_DOC_CHECKIN'
      EXPORTING
      PF_DOKAR = ls_draw-dokar
      PF_DOKNR = ls_draw-doknr
      PF_DOKVR = ls_draw-dokvr
      PF_DOKTL = ls_draw-doktl
    PS_DOC_STATUS =
      PF_FTP_DEST = 'SAPFTPA'
      PF_HTTP_DEST = 'SAPHTTPA'
    *PF_HOSTNAME =  w_host
    PS_API_CONTROL =
    PF_REPLACE = ' '
    PF_CONTENT_PROVIDE = 'SRV'
      IMPORTING
      PSX_MESSAGE = ls_message_cvapi
      TABLES
      PT_FILES_X = lt_originals
    PT_COMP_X =
    PT_CONTENT =
      IF ls_message_cvapi-msg_type CA 'EA'.
        ROLLBACK WORK.
        MESSAGE ID '26' TYPE 'I' NUMBER '000'
        WITH ls_message_cvapi-msg_txt.
      ELSE.
        COMMIT WORK and wait.
      ENDIF.
    ENDFUNCTION.

    This is a bit tricky. I spent lots of hours about this .
    You have to set PF_HOSTNAME with your name of your AS and gives the path to the file on the server.
    You wrote
    *PF_HOSTNAME = w_host
    But beware: if you have more thän one AS you have to fix one AS for upload or you have to find the servers name of the file. A better way can be to share one folder by each AS.
    You also have to decide between HTTP or FTP.
    You wrote:
      PF_FTP_DEST = 'SAPFTPA'
      PF_HTTP_DEST = 'SAPHTTPA'
    You must define only one ! Then you have to check your settings in SM59 about working right.
    Pls rate, if this was helpful.
    Regards,
    Markus

  • How to download a csv/excel file stored in a server using OA Framwork

    Hi All,
    We have a requirement where we have to generate a CSV file using PL/SQL block and the user shoul download that csv file to his client machine whenever it requirs to him. We have generated csv file and save the same in a particular location in the server. As the CSV file size may be around 10 to 15 MB we feel the storing and retrieving of the csv file in a BLOB object is a performance hit. Now we want to dowload the file from the csv file path without storing the csv file into database BLOB object.
    Is this possible using OA framwork? if so please guide me how to do this.
    Thanks in advance.
    Regards,
    Sathesh.

    If u know following details you can use below method to download any file ( XLS/any) its generic method I have used in one of my project-
    1. File Name with Extension
    2. File path at which it has been placed
    3. Page Context (you must know i assume)
    public void DownloadFileFromServer(OAPageContext pgeContext, String file_name_with_path,
    String file_name_with_ext)
    System.out.println("Filename path "+file_name_with_path + "File Name:" + file_name_with_ext);
    HttpServletResponse responseVar = (HttpServletResponse)pageContext.getRenderingContext().getServletResponse();
    if (((file_name_with_path == null) || ("".equals(file_name_with_path))))
    System.out.println("File path is invalid.");
    File fileToDwnld = null;
    try
    fileToDwnld = new File(file_name_with_path);
    catch (Exception e)
    System.out.println("Invalid File Path or file does not exist.");
    if (!fileToDwnld.exists())
    System.out.println("File does not exist.");
    if (!fileToDwnld.canRead())
    System.out.println("Not Able to read the file.");
    String MADfileType = getMADMimeType(file_name_with_ext);
    System.out.println("File Type - " + MADfileType);
    responseVar.setContentType(MADfileType);
    responseVar.setContentLength((int)fileToDwnld.length());
    System.out.println("File Size is " + fileToDwnld.length());
    responseVar.setHeader("Content-Disposition", "attachment; filename=\"" + file_name_with_ext + "\"");
    InputStream inStr = null;
    ServletOutputStream outStr = null;
    try
    outStr = responseVar.getOutputStream();
    inStr = new BufferedInputStream(new FileInputStream(fileToDwnld));
    int ch;
    while ((ch = inStr.read()) != -1)
    outStr.write(ch);
    catch (IOException e)
    e.printStackTrace();
    finally
    try
    outStr.flush();
    outStr.close();
    if (inStr != null)
    inStr.close();
    catch (Exception e)
    e.printStackTrace();
    Edited by: aprak on Oct 18, 2011 1:08 AM
    Edited by: aprak on Oct 18, 2011 1:09 AM

  • Execute listcube in background - where is the file stored on app server

    Hi,
    I want to execute listcube in background.
    to execute in background, the only output option available is Store in file (appl server).
    My question is where is this file stored.
    there is no information in the job log nor is there any spool.
    Also, can I determine myself where is this output file written.

    I have a couple of questions that could lead to an answer to your question...
    Does your BW environment have one or more application servers, in addition to the Database Central Instance (DBCI)? If so, do you use logon groups for SAP Logon so that the logon loads are balanced?
    I'm asking these questions because if you have a multiple application server environment and logon balancing, you may not be logging onto the same server every time that you're executing LISTCUBE and it will save to the directory path of the server you're logged onto.

  • Problem: securely erasing home folder after enabling file vault

    I enabled file vault. It took 4 days (125 GB) to "securely erase home folder", then when it finally reached 100% I got an error message that it could not be erased after all. I also now got an icon on the desktop (protected house) showing my home folder. Anybody experience with this? What do I do to securely erase? What can I do to speed it up? I have 4GB RAM and a HD of 500GB

    open /Applications/Utilities/Terminal.app
    At the prompt type:
    diskutil secureErase freespace 0 /
    (press return)
    This will secure erase free space on your boot volume.
    Level "0" (zero) is a Single-pass zero-fill erase. Levels 0 through 4 are supported.
    Here is a full description of the different erase levels: 0 - Single-pass zero-fill erase.
    A. 1 - Single-pass random-fill erase.
    B. 2 - US DoD 7-pass secure erase.
    C. 3 - Gutmann algorithm 35-pass secure erase.
    D. 4 - US DoE algorithm 3-pass secure erase.
    for more info (in Terminal) type:
    man diskutil
    (press return)
    This should take considerably less time than 4 days. On my Mac Pro with 162GB boot volume,
    130GB free (I keep my data on a different volume) it takes about 10 minutes using level "0".
    Disk Free Space Warnings are normal during operation and can be ignored.
    more info about it from apple support:
    http://support.apple.com/kb/TA24002
    You can invoke the erase procedure from Disk Utility GUI interface, but it usually is quicker
    when run from terminal.
    Kj ♘

  • Where is the UME data source configuration XML file stored on the server?

    I'm trying to activate windows integrated authentication in my portal server.  The java engine's UME configuration has been loaded as a deep AD read only database using the file "dataSourceConfiguration_ads_deep_readonly_db.xml" but I can't find this on my server.  I need to modify a couple of parameters in there to activate kerberos principal management.  My recent portal training course offered me a completed working example but it was for an ads_flat_writeable_db so I can't simply load that and I need to understand the changes required.
    Where to I find the configuration file on my java instance server so I can make the necessary changes to a copy and upload that?

    Try to read
    https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e1959b90-0201-0010-849c-d2b1d574768b
    UME user data is stored in one or more data sources. Each type of data source has its own persistence adapter. The persistence manager consults the persistence adapters when creating, reading, writing, and searching user management data. Persistence adapters for the following types of repositories are available: 1. Database: See the Product Availability Matrix on SAP Service Marketplace (http://service.sap.com/pam60) for details on which databases are supported. 2. u2022 Lightweight Directory Access Protocol (LDAP) directory: See the Product Availability Matrix on SAP Service Marketplace (http://service.sap.com/pam60) for details on which directories are supported. 3. SAP Systems based on Web Application Server 6.20 You can configure UME to use one or more of these persistence devices in parallel. Users can also be stored in several different physical LDAP directory servers, or in different branches of the same LDAP directory server.

  • Accessing files stored in Common Server and share drive with  SAP DMS

    Hi DMS Gurus,
    We have a requirement, apart from retreving the data from content server storage, the client also wants the documents stored in common file server and Share drive also to be accessed through DMS,
    1) one option for this may be upload all the documents in the existing servers to DMS Content servers to get the full funtionality of DMS i'm i right? please suggest.
    here again they have lacs of document so this may not be a ideal solution, now 2nd option is
    2) create a data carrier and Mount points with the existing server if i'm right, but by just doing this what funtionalities will this provide
    i have a preassumption that this existing common server can be used as a storage area for DMS (as vault or common server), but only those documents which are stored in to this common server or shared folder through DMS can be retrived by DMS., again i'm i right?
    but how can we access all the lacs of file which are already existing there for years.
    how can we see all the documents in SAP DMS which are stored earlier in this common server before DMS,
    is migrating all the necessary preexisting documents to SAP DMS the only Solution for this.
    any solution for this please suggest.
    Points sure for any clarification given
    Thanks and  Regards
    Priya S
    Edited by: Priya S on Feb 25, 2009 3:36 AM
    Edited by: Priya S on Feb 25, 2009 3:36 AM

    hi Priya
    This is an old thread but nevertheless would like to give some inputs.
    your point .. common file server and Share drive also to be accessed through DMS,
    1) one option for this may be upload all the documents in the existing servers to DMS Content servers to get the full funtionality of DMS.
    <The option 1 is an ideal option as in future u would one day need to migarate the documents if u intend to use SAP DMS as the DMS system in ur org>
    Alternatively if the documents would still need to be retained in the file server but also would need to associate to SAP business objects u could use the Define data carrier external DMS.
    This again depend on what kind of documents are stored in the file server & are they relevant to be associated to SAP objects/ Transactions.
    The point here is u still want to use SAP DMS to view the file , all though there are other option as Archive link, Service for objects etc. Using SAP DMS option will still call for creating DIR in SAP & assigning the file path hyper link using LSMW /upload prog.
    So as for a temp sol till u clean up the file server u can use the hyperlink and later migrate to Content server.
    Regards
    John

  • Reg. PDF file stored in oracle server directory

    Dear All ,
    How to stored PDF generated file in oracle server directory.
    Thanks & Regards
    shailesh

    You need a directory object in Oracle for that server directory. That directory needs to be accessible (permission/ACL wise) to the local database processes to read/write from/
    The schema that will be doing the read/write using that directory object, needs read/write privs on it.
    UTL_FILE is used by PL/SQL code to write database contents to file.

  • Opening a file stored at application server

    Experts,
        I have put a document on application server using DATASET .
       Now I want to open the same file from there only.
       ho to do that.
    Thnx in Advance
    Chetan

    Hi Chetan ,
    U can use following code to open the file u created in application server.
    1.
    data: <dataset_name>(25)  value '.\tmp\file_sarang_01.txt'.
    open dataset <dataset_name> for input in text mode encoding UTF-8
    read dataset <dataset_name> into itab_wa.
    Append itab_wa to itab.
    close dataset <dataset_name>
    loop at itab.
    write: itab-field1 , itab-field2 .
    endloop.
    2.  U can use transaction CG3Y  , to save file from application server to presentation server directly.(A short cut for u)
    I hope this solves ur problem
    Reagrds.
    Note: Reward if useful

  • Problem opening freehand files stored in linux server

    hi,
    i have mac and i work using a file server that has a linux.
    The problem is that when i saved a freehand file, after cloosing
    the program and reconect to the local server, i try to open the
    file but freehand ask me for the images the the document has. Is
    like freehand forget the links of the images or can't find it in a
    linux server where they are when i create the file.
    Anyone knows what can i do?
    thanks

    Yes, i know if we put the images in the same folder or i we
    embedded de images in the document the problem doesn't ocurre, but
    we used to work with the same image in lots of documents, like ads,
    catalogues, flyers,... and we can't put each image in each folder
    the disk quote will increase a lot. Moreover if we embedded the
    images the document file will be higger and it's not good to send
    it .
    Thanks

  • Open VDW files stored on file share using Visio Web Access

    Hi,
    Is it possiblwe to view VDW files that are stored in a file share using Visio Web Access in SharePoint?
    If so, how?
    Opening up a Visio Web Drawing stored in a SharePoint document library is straight forwards however I want to view a visio web drawing stored in a file system using the web access service.
    Hope I'm made myself clear.
    MDB

    Hi Jens,
    I will suggest you to call the support center, cause there are some bugs related to the issue you are having.
    http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
    Regards.

  • Url to html file stored in files.online fails

    I have a page that has a region of type URL with region source set to http://files.oraclecorp.com/content/AllPublic/SharedFolders/ST_Project_V3_Help-Public/V3_Focus_Area_Create_Short_Help.html
    When we run this page we get error message HTTP 404 - File not found
    I just copied the files.online location into the region source to make sure it is correct. Still fails. This used to work, but it stopped working on existing pages.

    Neal,
    I get an entirely different message:  Not Found
      The requested URL  /app/HomePage$fwdurl=http:$|$|files.oraclecorp.com$|content$|AllPublic$|
    SharedFolders$|ST_Project_V3_Help-Public$|V3_Focus_Area_Create_Short_Help.html was not found on this server.Assuming that you transcribed the message incorrectly, my hunch is that the page is no longer publicly accessible (I think there was an announcement about that last week.). Pages that depend on cookies or that redirect won't work in URL regions.
    As a general technique, you can run this in SQL*Plus to see what your URL region will see: select utl_http.request('<url>',[proxy]) from dual;
    Scott

  • How to kill secure erase after turning on File Vault?

    I turned on file vault on my MacBook with OS 10.6.4 and selected the secure erase option for the resulting empty space. The File Vault encryption process completed fairly quickly, but the secure erase has carried on for 48 hours and I'm just at 26% complete as per the security pane of System Preferences.
    I'd like to stop the secure erase process. It seems like overkill, and as this computer (and the hard disk) are 4+ years old, I'm thinking the wear and tear on the drive is more than is necessary.
    I've tried killing the secure erase process ("sudo kill -9 ...") but the process re-spawns.
    My question: is there a safe way to stop the secure erase process after turning on File Vault? (I am fully backed up with Time Machine if that makes any difference.)

    Ah-HA! OK, I've fixed the problem the right way now instead of the ugly method of renaming secure_erase, which was admittedly a hack until I had more time to look at things.
    The queue for secure_erase is stored in /var/db/fvsecureerase.jobs/ - you need to cd into that directory and look for the files there, and remove them. By deleting the numbered job, you will remove it from the secure_erase queue.
    HOWEVER, please look at the files first and then manually delete the file path listed, otherwise you will leave those to-be-destroyed files UNDELETED. This is probably NOT what you want. What happens is that secure_erase moves the "original" files into a new directory (in my case the file was named /Users/jtodd.10307331336706142097) and then secure_erase does it's magic on that directory and wipes out each file in a tedious, secure way. If you made a mistake and don't want to wait the 20 days for it to finish the tedious method, you can just "rm" it the old fashioned way. I typically pipe "yes" into the "rm -R" command since there are a lot of strange permissions things that rm asks about and I would otherwise spend an hour hitting "y" on every file about which it uncertain - hooray for UNIX pipes! For instance, this is a what I did (again, as root):
    sh-3.2# cd /var/db/fvsecureerase.jobs
    sh-3.2# ls -lsa
    total 8
    0 drwx------ 3 root admin 102 Nov 12 11:44 .
    0 drwxr-xr-x 51 root wheel 1734 Nov 12 11:44 ..
    8 -rw-r--r--@ 1 root admin 33 Nov 10 13:53 501
    sh-3.2# cat 501
    /Users/jtodd.10307331336706142097
    sh-3.2# rm 501
    sh-3.2# yes|rm -R /Users/jtodd.10307331336706142097

  • Opening pdf files stored on server

    Hi
    We have an application in which we display pdf files stored on the server.
    Pdf files opens in a new browser.
    User selects the invoice number from a list and based on the invoice selected, we get a pdf file from R/3 system. This file is stored in a particular folder on the server. We extract this file from the folder to show it to the user in a separate browser.
    This functionality works fine in the development system but not in test system.
    We have recently installed our test system and have done all required settings in config tool.
    Config Tool --> Display configuration --> HttpHttps --> Root and Alias folder.
    But despite this the functionality is not working.
    Is there some other setting that I have missed.
    Unfortunately these settings were done in the dev system by someone else and I do not have a document for it.
    Can anyone help me please.
    This is very urgent for me as we are plannning to migrate our production system as well. I may face the same problem over there as well.
    Regards
    Vineet

    Hi,
    We have the same requirement at our client end. Could you please guide me for the same?
    Regards,
    Sachin Mahajan

Maybe you are looking for