How to open a passworded archive file for viewing securely.

[Blight]

I have a case, where I have a zip file that sits on a mounted encrypted TrueCrypt drive. The zip file itself is further encrypted with a password.

Now, if I want to view or edit a file from within the zip file, I enter the zip using TC and then press F3/F4 to view/edit it. I get prompted for a password and then the file is opened.

However, there is a serious security flaw here, the encrypted file I want to view/edit is written to a temp folder, completely unencrypted and in some usage cases may remain there if TC didn't close properly.

I could change the temp folder to the encrypted drive, but that drive is not always mounted and I don't really want the drive to be used for all TC's temp files.

Is there a way I can specify TC's temp folder on a per-drive basis? That's the only thing I can think of that would ensure sensitive data does not remain exposed by accident.

[Horst.Epp]

Thats not possible with TC or any other file manger.
The general problem here is that you don't have a secure system if temp or the windows swap file is not encrypted.
So encrypt your system drive or make a truecrypt volume just for temp
which is always mounted. This is no problem at all.

[ghisler(Author)]

Actually when TC unpacks files from an encrypted archive to TEMP, it overwrites it with all zeroes before deleting it. However, this isn't done when the ZIP itself is NOT encrypted, but located on an encrypted drive. In this case, you should put TEMP on an encrypted drive too.