comment on

I'm writing a web page that accepts a .csv which contains sensitive PII (personally identifiable information). The site it's going to be on is hosted on a shared server. I currently have the script writing the uploaded file to disk, then reading that file, getting the info I need, then deleting the file. The file should be protected by the OS file permissions while it exists, but I realized that once deleted, it could theoretically be read by someone else on the system. What is the best practice/your suggestion for making this more secure? Keeping the upload in memory ( and dealing with all the security needed for that )? "Shredding" ( overwriting with random patterns or all 0's ) the file after processing before deleting? Something else that I haven't thought of?
EDIT: The shared server in question is on a reputable, PCI-compliant hosting service. I'm not just throwing stuff that should be secure on my neighbor's cousin's "web server".

In reply to Security on shared server by derekstucki

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.