views:

214

answers:

2

Hi all,

Is it possible to delete-protect a file/folder using Registry or using a custom written Windows Service in C#? Using Folder Permissions it is possible, but i am looking for a solution that even restricts the admin from deleting specific folders.

The requirement is that the administrator must not be easily track the nature of protection and/or may not be able to avert it easily. Obviously all administrators will be able to revert the procedure if the technique is clearly understood.

Like folder Permissions/OwnerShip Settings can easily be reset by an administrator. SO that is not an option.

Folder protection software can easily be uninstalled and show clear indication that a particular folder is protected by some special kind of software. SO that too is not an option.

Most antivirus programs protect folders and files in Program Dir. Windows itself doesnt allow certain files such as registry files in c:\windows\system32\config to not even copied. Such a protection is desired for folders which allowse to read and write to files but not allow deletion. Similar functionality is desired. The protection has to seemless and invisible.

I do not want to use any protection features like FolderLock and Invisible secrets/PC Security and Desktop password etc. Moreover, the solution has to be something other than folder encryption.

The solution has to be OS-native so ** that it may implemented ** pro grammatically using C#/VB.Net.

Please help.

Thanks

+3  A: 

Obviously all administrators will be able to revert the procedure if the technique is clearly understood.

Please don't tell me your solution is going to rely on security by obscurity...

Anyway, if you don't trust people with administrative rights on the server not to do the right thing, then I suspect you are trying to solve the wrong problem. The problem you should be trying to solve is restricting access rights, and training those who have elevated privileges.

David M
+1  A: 

Well, i don't know what you are actually trying to achieve, one option to prevent the deletion is to keep the file open in write mode from your program. nobody will be able to delete it as long as it is open. This is why you are not able to delete windows registry files.

But this does mean that nobody else will be able to write to the file.

NimsDotNet