I have a Windows application that stores certain files in a directory. I would like to know if there is a way in .NET that I can restrict users not to have access to that directly (by just going to that directory in Windows, and grab files) so only my application can add/verify/delete a file in that directory.

+1  A: 

This is only possible if your application runs with different credentials than the user running the application.

By default all applications run with the credentials of the user who launched the process. This means the application has the same directory and file restrictions as the user. Without a different account, the application can only decrease its ability to access the file system, not increase it.

Dealing with the file system is evil in general. Even if you could get the user to not play in that directory you still can't trust the results will be in the exact same state as you left them. It's possible for other users, physical disk corruption or any number of other things to corrupt your files.

The only way to sanely program the file system is to expect failure from the start and count yourself lucky when it actually works.

JaredPar
thanks for your prompt answer, so what other approaches do you suggest?
paradisonoir
@paradisonoir, I'd need to know more about your application. But put simply, don't trust that the file system will be reliable. Instead consider it a bonus if it works. Start your planning out on that particular notion and go from there.
JaredPar
@JaredPar, for sure, I am going to use different approaches, and this can be one of them.
paradisonoir
@JaredPar, my application needs to store files such as text in a data folder, and then delete it when they close the application. We store it because we need to send it to another remote machine when they want to close the application, and because there are many of them, I cannot keep them in memory. I have to store them somewhere, but my concern is when the application is still running, and users can have access to those files (before sending out and deleting them)
paradisonoir
+1  A: 

The application needs to run as a specific user - and that user will always have the same rights as your application. You can, potentially, make a service that runs as an administrator to prevent standard users from accessing a directory, but the administrator will still be able to change things in the directory.

I suggest you look for another approach for your problem. There are potentially alternatives - perhaps you should consider keeping some type of encrypted hash on the directory contents. That would at least allow you to verify that the contents have not been changed, although it won't prevent the change from occurring.

Reed Copsey
Thanks for your prompt answer. This means that I can store the hash encryption of my files, and then I can have better control on them. I understand that having restricted directory is absolutely fishy.
paradisonoir
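
The integrity check suggested in this answer, as an added example (not code from the thread): the "encrypted hash" is interpreted here as a keyed hash (HMAC-SHA256), and the class name `DirectoryManifest`, its methods and the demo file names are hypothetical. It assumes the key can stay in process memory because the files only live for one application session.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;

// Added example: per-file HMAC-SHA256 tags under a random key held only in memory.
sealed class DirectoryManifest
{
    private readonly string _dir;
    private readonly byte[] _key = new byte[32];   // never written to disk
    private readonly Dictionary<string, byte[]> _tags = new Dictionary<string, byte[]>(StringComparer.OrdinalIgnoreCase);
    public DirectoryManifest(string dir)
    {
        _dir = dir;
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(_key);
    }
    private byte[] Tag(string name)
    {
        using (var hmac = new HMACSHA256(_key))
        using (var fs = File.OpenRead(Path.Combine(_dir, name))) return hmac.ComputeHash(fs);
    }
    // Call right after the application writes or rewrites a file.
    public void Record(string name) { _tags[name] = Tag(name); }

    // Empty list: the directory still matches what the application recorded.
    public List<string> Verify()
    {
        var problems = new List<string>();
        var onDisk = new HashSet<string>(Directory.GetFiles(_dir).Select(p => Path.GetFileName(p)), StringComparer.OrdinalIgnoreCase);
        foreach (var e in _tags)
        {
            if (!onDisk.Remove(e.Key)) problems.Add("missing: " + e.Key);
            else if (!Tag(e.Key).SequenceEqual(e.Value)) problems.Add("modified: " + e.Key);
        }
        problems.AddRange(onDisk.Select(n => "unexpected: " + n));
        return problems;
    }

    static void Main()   // constructed demo data in a fresh temp directory
    {
        string dir = Directory.CreateDirectory(Path.Combine(Path.GetTempPath(), Path.GetRandomFileName())).FullName;
        File.WriteAllText(Path.Combine(dir, "a.txt"), "original");
        var m = new DirectoryManifest(dir); m.Record("a.txt");
        File.AppendAllText(Path.Combine(dir, "a.txt"), " edited outside the app");
        File.WriteAllText(Path.Combine(dir, "b.txt"), "dropped in by someone else");
        Console.WriteLine(string.Join("; ", m.Verify()));
    }
}
```
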
A: 

Look at FileSystemWatcher - it doesn't prevent changes in the directory, but it allows the program to be notified about changes in the directory.

Dewfy
A: 

As others have mentioned, you need the application to act as a different user than the ones currently logged in. You should look into 'impersonation', here are some links that can get you started on getting your application to act as a different user when performing certain tasks:

http://csharptuning.blogspot.com/2007/06/impersonation-in-c.html

http://www.codeproject.com/KB/cs/cpimpersonation1.aspx

Jay S
These are all great hints and examples. Though my problem would be when they want to grab the files by simply copying them.
paradisonoir
Don't give the users access to the files. Create another user that can perform actions on the files and have your application impersonate that user. That way, your logged in users can't do anything with the files, but the application can.
Jay S
A: 

The easiest (although not secure in any way) method would be to use a hidden folder, which the users know nothing about, so \\servername\hiddenfiles$

A more secure alternative would be to change the credentials the program is using to access the folder. Is it necessary for them to access it as themselves?

An alternative would be to create a dummy account for each user, where they do not know the password. Make it relate to their Windows login, so domain\myname becomes domain\mynamehidden. Then use this to connect to the directory.
This will ensure everything can be audited nicely too.

Bravax
They should not access the files themselves.
paradisonoir
So the 2nd and 3rd Options should work fine, with the 2nd option being easiest to implement.
Bravax
+1  A: 

Could you use the Isolated Storage in .NET? While it isn't necessarily restricted away from your users, it may be a lot harder to find.... (stores under the local settings\application data\isolated storage for the logged in user)

Via code you work with it by using / importing System.IO.IsolatedStorage and then you can create directories, files, etc... as normal.

You also don't have to keep track of the actual directory on the HD it's in as .NET manages this. Maybe a nice plus.

klabranche
Actually that was what I am looking for. I guess that reduces the risk of being easily accessible. However, if they find that directory by chance, they can easily go and copy/paste it. Am I right?
paradisonoir
True, but the directory is hidden so most users don't even know it's there unless they have messed with their explorer settings and it's fairly deep (hidden by nature of where in the OS it is). In fact, I can never remember where it is! :)
klabranche
If they do find it I would be asking what are they doing? Sounds a little like hacking to me.....
klabranche
Fair enough, and then, if I want to retrieve those files, then I can read them through my application.
paradisonoir
If your app isn't doing anything funky with permissions then yes, this is the point of Isolated Storage. :)
klabranche