Spring MVC and Encryption at Rest_问答_开发者_运维开发者技术经验分享

开发者 https://www.devze.com 2023-04-08 03:31 出处：网络

Sorry for the newbie question, I\'m trying to use the Spring MVC framework to upload files. I am trying to maintain encryption at rest, however the MultipartFile sta开发者_如何学编程tes that the up

Sorry for the newbie question,

I'm trying to use the Spring MVC framework to upload files.

I am trying to maintain encryption at rest, however the MultipartFile sta开发者_如何学编程tes that the uploaded file may be stored on disk during the upload(1). I do not encrypt the file until after the upload.

Does this break encryption at rest? Does "at rest" include information temporarily stored on disk during the course of the program?

Thanks in advance for any responses!

1: states that "The file contents are either stored in memory or temporarily on disk."

As long as the file is being stored in a temp location where it will not persist longer than the transaction, then I would say it doesn't break the at rest paradigm. If someone is watching a temp directory for fleeting files (whether a rogue admin or an outsider who has rooted your box), then you have bigger issues to deal with.

If the file persists in that temp location, then yes, the at rest paradigm is not being followed.