|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Make Security to DirectoryI made directory by using VB.Net by the following method: Directory.Directorycreat("C:\Husam") first I was thinking to make this directory invisable so I used Fileattributes to make it hide. But as you know any user can find this directory by going to tools and Folder options and show hidden file option. So I change my strategy and I used IsolatedStorage in System.IO.Isolatedstorage.IsolatedStorageFile but I got the same result, which that Any user by choseing show hidden file option can find the IsolatedStorage in C:\Document and Settings\username\microsoft\Application data\IsolatedStorage. So my quetion, Is there any way to make strong security to my directory either by adding password to it or using win32 api to make show Hidden file option disable to the user ? may be some of you asking why I dont think about using database, becuase database it must be installed with you program or there is must be a program handel it , and I want my application depend in windows only not any other progarm? any help will be appreciated regard's Husam What is your goal? Do you want to prevent reading and/or modifying of the
files by some users or all users, or something else entirely? <husamal_ahm***@yahoo.com> wrote in message Show quoteHide quote news:1116385366.423716.282630@g44g2000cwa.googlegroups.com... > Hi EveryBody: > > I made directory by using VB.Net by the following method: > > Directory.Directorycreat("C:\Husam") > > first I was thinking to make this directory invisable so I used > Fileattributes to make it hide. > > But as you know any user can find this directory by going to tools and > Folder options and show hidden file option. > > So I change my strategy and I used IsolatedStorage in > System.IO.Isolatedstorage.IsolatedStorageFile but I got the same > result, which that Any user by choseing show hidden file option can > find the IsolatedStorage in C:\Document and > Settings\username\microsoft\Application data\IsolatedStorage. > > So my quetion, Is there any way to make strong security to my directory > either by adding password to it or using win32 api to make show Hidden > file option disable to the user ? > > may be some of you asking why I dont think about using database, > becuase database it must be installed with you program or there is must > be a program handel it , and I want my application depend in windows > only not any other progarm? > > any help will be appreciated > > regard's > > Husam > Hi Nicole :
My goal behind that I want to prevent reading and modifying all the files by all users. regard's Husam Including administrators?
<husamal_ahm***@yahoo.com> wrote in message Show quoteHide quote news:1116420253.503043.236700@o13g2000cwo.googlegroups.com... > Hi Nicole : > > My goal behind that I want to prevent reading and modifying all the > files by all users. > > regard's > > Husam > Hello husamal_ahm***@yahoo.com,
you will never be able to "hide" something from an admin. You can indeed prevent normal users from modifying/reading the data : run as admin, create the files, ACL them. But then your application (running as a normal user) won't be able to read the files also. If you want to store "secrets" on a client machine - encrypt them. System.Security.Cryptography is your friend. Be aware that you need a key for encryption - this has to be stored somehow - e.g. hardcoded in your app code - this is also not a perfect solution, but significantly (depending on your clients) raises the bar. Encryption is not integrity protection - you could use keyed hashes for that, e.g. This could get complicated quickly. So if you only want to store something on the client and your app needs only read access: run an installer as admin encrypt the files put ACLs in place that prevent modification a sample app for encrypting files can be found here: http://www.leastprivilege.com/PermaLink.aspx?guid=f73ca1e0-bcfa-4563-862f-eb06ab317075 HTH --------------------------------------- Dominick Baier - DevelopMentor http://www.leastprivilege.com Show quoteHide quote > Hi Nicole : > > My goal behind that I want to prevent reading and modifying all the > files by all users. > > regard's > > Husam > 
Other interesting topics
Method SetThreadPrincipal
Windows authentication Forms authentication fails on Windows XP PRO Encrypting short data w/ asymmetric cipher Forms authentication periodically requires re-login Troubleshoot Caspol System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, Publi CAS problems Security Application Block - forced password changes Security App Block |
|||||||||||||||||||||||
