disable uploading for a specific file on my computer?

Question

1.00/5 (3 votes)

See more:

How can disable uploading for a specific file on my computer system to enhance protection level.
Is there any way to lock file?

Posted 18-Aug-13 20:38pm

Crixus

Add a Solution

Comments

Sergey Alexandrovich Kryukov 19-Aug-13 2:52am

Just a note: it would not improve protection. So, what does it mean, "a specific file"?
—SA

Crixus 19-Aug-13 3:00am

lets just say I have to stop an image from being uploaded!
Just like file locking software or antivirus can stop normal user from accessing file.

Sergey Alexandrovich Kryukov 19-Aug-13 3:21am

This is not how antivirus works. But it won't help you. Anyway, what's your criteria for blocking?
And the only reliable approach is to upload the file, examine it, and then remove. Doing it in client side can easily be a target for all kinds of malicious exploits.
—SA

Crixus 19-Aug-13 6:21am

sorry for unclear wording. I just want that no process can upload my image file. I have already worked out how to check the process which is using my file. Now how can I stop it from uploading.

Sergey Alexandrovich Kryukov 19-Aug-13 9:59am

It's not "just". Follow the simple logic: you cannot determine that file is bad before you upload it. If you try to determine it on client side, a client can trick you easily.
—SA

syed shanu 19-Aug-13 3:54am

Your question is not much clear.What mean of stop uploading.Is do you have your application with Upload function.If so then in Upload Button Click you can filter only certain file type which need to be uploaded.For Example in Open or Save File Dialog
OpenFileDialog OpenFileDialog1 = new OpenFileDialog();
OpenFileDialog1.Filter = "JPG Files (*.JPG)|*.JPG";

if (OpenFileDialog1.ShowDialog() == DialogResult.OK)
{}
Save File Dialog
Bitmap bmp = new Bitmap(pnControls.Width, pnControls.Height);
pnControls.DrawToBitmap(bmp, new Rectangle(0, 0, pnControls.Width, pnControls.Height));
SaveFileDialog dlg = new SaveFileDialog();
dlg.Filter = "JPG Files (*.JPG)|*.JPG";
dlg.FileName = "*";
dlg.DefaultExt = "bmp";
dlg.ValidateNames = true;
//dlg.Filter = "Bitmap Image (.bmp)|*.bmp|Gif Image (.gif)|*.gif |JPEG Image (.jpeg)|*.jpeg |Png Image (.png)|*.png";
if (dlg.ShowDialog() == DialogResult.OK)
{

}

idenizeni 19-Aug-13 16:39pm

What would be the criteria to identify the specific file? Filename, file permissions, file content, file type, etc? I am guessing this is for a WinForms application and not a Web Application, correct? Are you just trying to prevent your WinForms application from being able to select the specific files? Or do you have a server application that also has to know what files to exclude?

Crixus 19-Aug-13 17:51pm

files can be identified by filename or filetype.Its more like a service which stops the specified files from being uploaded by any other application on the system.

5 solutions

Solution 2

To block a file you need to perform filtering on the client side.
Now - any client side mechanism can pretty much easily be fooled, like using, from name change, through encryption, zipping, other transformations, etc.

So you need to be more specific as to what you need to accomplish, so that we can help.
What large systems usually do is they use a "Demilitarized Zone"[^] that will receive incoming data/files/uploads and will decide what goes in the internal network etc.

Hope it's a start. You are welcome to provide more details on your needs and we can help further.

Cheers,
Edo

Posted 19-Aug-13 4:15am

Joezer BH

Comments

Herbisaurus 19-Aug-13 10:16am

*****

Sergey Alexandrovich Kryukov 19-Aug-13 10:36am

Good points, a 5. But, that said, filtering on client side can only be preliminary. One needs to upload a file to the server side first, and examine it.
—SA

Joezer BH 19-Aug-13 10:39am

True, that's why I posted a link to read a little about DMZs...
(And tnx for the 5)

Solution 1

It simply makes no sense, by the reasons I tried to explain in my comments to the question.

I also explained what you can do, but your requirements are too vague to discuss further detail. By now, you should get the main idea.

[EDIT]

As you probably did not get, I'm explaining it in one place.

First of all, not loading a file won't itself improve your security.

Now, you want to filter out some files. But follow simple logic: you cannot determine if a file is bad or good until you upload it and analyze on the server part. Then, it if is bad, you can removed it.

If you don't want to do it in the server part, it means that you should analyze the file on the client part. But don't do it, because on client part the malicious client can easily trick you. That would be really unsafe.

—SA

Posted 18-Aug-13 21:21pm

Sergey Alexandrovich Kryukov

Updated 19-Aug-13 4:03am

v3

Comments

Joezer BH 19-Aug-13 10:15am

5ed!

Sergey Alexandrovich Kryukov 19-Aug-13 10:36am

Thank you,
—SA

Herbisaurus 19-Aug-13 10:16am

*****

Sergey Alexandrovich Kryukov 19-Aug-13 10:34am

Thank you.
—SA

Solution 4

Ever heard of encryption... Encrypt the file and let them upload as much as they want... it would be useless on the other side :)

Posted 20-Aug-13 12:01pm

Tiaan Lombard (TiLO)

Solution 5

Back in the days of floppy disks (1980s/early 1990s), there was a software company that prevented copying of their product installer by putting an intentional hardware error on the disk, which allowed the installer to run, but not be copied from the disk. If I remember the details, all installer disks were laid out exactly the same, with executable on certain sectors and data files on other sectors, and the file of interest had a redundant section in it that was never touched when the program was run. This is where they manually globbed a drop of crazy glue on each floppy disk. I don't recall if the zapped file was the executable or the data file, but it was a novel idea, and it seemed to work well.

[update]
Here are several references to the technique:
1.[^]
2.[^]
3.[^]

If you ask Google nicely, it will give you a longer list...

Posted 20-Aug-13 17:23pm

H.Brydon

Updated 20-Aug-13 17:34pm

v2

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

idenizeni · Accepted Answer · 2013-08-19T13:05:00

FYI, none of the these options will truly protect the file as there are ways around all of them. That said, if you are just trying to have a file available to your application and prevent other processes/users from accessing/using it then one of these options may help.

Option #1 - With this option you would embed the image as a resource in your application and pull it out of the resource when needed. If the file needs to be an actual file then pull it out of the applications resources and save it to a file first. Then delete the file after the upload is complete.

Add resources:
http://msdn.microsoft.com/en-us/library/3bka19x4(v=vs.90).aspx[^]
Retrieving the image:
http://stackoverflow.com/questions/2412810/how-do-i-retrieve-an-image-from-my-resx-file[^]

Option #2 - Change permissions on the file programmatically when the application is installed. Basically, you programmatically create a special application user when the application is installed and set the file's permissions to this user. When the application runs, to get access to the file you will need to impersonate the special user within the application. I would avoid this option like the plague, if at all possible.

Create local user account:
http://support.microsoft.com/kb/306273[^]
http://stackoverflow.com/questions/384304/creating-local-user-account-c-sharp-and-net-2-0[^]
Change file permissions:
http://support.microsoft.com/kb/899553[^]

disable uploading for a specific file on my computer?

5 solutions

Solution 3

Solution 2

Solution 1

Solution 4

Solution 5

Add your solution here

Preview 0

Existing Members

...or Join us