- PROHIBITED: `fs::write()` of extracted images, text, or any document content
- PROHIBITED: Debug files with document data
- ALLOWED: Statistics and metadata only
- All confidential content MUST remain in memory only
- Use temporary files ONLY for system tools (like Tesseract)
- Clean up temporary files immediately after use
- PROHIBITED: `println!()` or logging of document text content
- PROHIBITED: Debug output with extracted images
- ALLOWED: Processing statistics, page counts, confidence scores
- Use system temporary directories only
- Clean up ALL temporary files
- Never save temp files in project directory
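
The temporary-file rules above, as an added example that is not the project's own code and uses only the standard library. `ScratchFile`, `ocr_char_count` and the `ocr-<pid>-<n>.tmp` naming are hypothetical, and the `tool` closure stands in for a call to a system tool such as Tesseract.

```rust
use std::fs::{self, OpenOptions};
use std::io::{self, Write};
use std::path::{Path, PathBuf};
use std::sync::atomic::{AtomicU64, Ordering};

static SEQ: AtomicU64 = AtomicU64::new(0);

/// Temp file in the system temp directory, deleted when the guard is dropped.
pub struct ScratchFile(PathBuf);

impl ScratchFile {
    pub fn create(data: &[u8]) -> io::Result<Self> {
        // Hypothetical naming scheme: process id plus a per-process counter.
        let name = format!("ocr-{}-{}.tmp", std::process::id(), SEQ.fetch_add(1, Ordering::Relaxed));
        let path = std::env::temp_dir().join(name); // never the project directory
        let mut opts = OpenOptions::new();
        opts.write(true).create_new(true); // fail instead of reusing an existing file
        #[cfg(unix)]
        {
            use std::os::unix::fs::OpenOptionsExt;
            opts.mode(0o600); // owner-only while content is on disk
        }
        let mut file = opts.open(&path)?;
        let guard = ScratchFile(path); // from here on, Drop removes the file
        file.write_all(data)?;
        Ok(guard)
    }
    pub fn path(&self) -> &Path { &self.0 }
}

impl Drop for ScratchFile {
    fn drop(&mut self) {
        let _ = fs::remove_file(&self.0); // best effort; runs on success and on error
    }
}

/// Runs `tool` on the image and returns only a statistic (character count).
pub fn ocr_char_count<F>(image: &[u8], tool: F) -> io::Result<usize>
where
    F: FnOnce(&Path) -> io::Result<String>,
{
    let scratch = ScratchFile::create(image)?;
    let text = tool(scratch.path())?; // on Err the guard still drops and deletes
    Ok(text.chars().count()) // the text itself is never logged or written
}

fn main() -> io::Result<()> {
    // Constructed input; the closure replaces the real tool invocation.
    let n = ocr_char_count(b"constructed image bytes", |_p| Ok("constructed text".into()))?;
    println!("Processed {} characters", n);
    Ok(())
}
```
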
Before any OCR processing code:
- No `fs::write()` calls with document content
- No debug image saving
- No content logging
- Proper temp file cleanup
- Memory-only processing
```rust
// SECURITY VIOLATION - Saves extracted image
let debug_path = format!("extracted_{}x{}.jpg", width, height);
fs::write(&debug_path, &image_data)?;

// SECURITY VIOLATION - Logs document content
println!("Extracted text: {}", ocr_result.text);

// SECURITY VIOLATION - Saves document data
fs::write("debug_output.txt", &extracted_text)?;
```

```rust
use tempfile::NamedTempFile; // from the `tempfile` crate

// SECURE - Statistics only
println!("Processed {} characters with {:.1}% confidence",
    ocr_result.text.len(), ocr_result.confidence * 100.0);

// SECURE - Memory processing only
let processed_data = process_in_memory(&image_data)?;

// SECURE - Proper temp file handling
let temp_file = NamedTempFile::new()?;
// ... use temp file ...
// temp_file is automatically cleaned up
```

If confidential data is accidentally saved:
- IMMEDIATE: Delete all files with `rm -f`
- VERIFY: Use `find` to ensure no stray files
- FIX CODE: Remove the security violation
- RECOMPILE: Ensure no warnings
- DOCUMENT: Update this security guide
- All code MUST pass security review
- No exceptions for "debugging" or "testing"
- Security failures are critical bugs
- All team members responsible for enforcement