1.00/5 (2 votes)
Is there a way to secure files created by my application so that it is even impossible for the administrator to delete them?

There is this finance-related application I am working on. I have this concern that fraudulent users might, in order to cover up fraud, delete sensitive files. I wish to know how I can secure such important files and folders from such fraudulent users.
Comments
[no name] 23-Sep-12 15:44pm    
No
[no name] 23-Sep-12 17:24pm    
What a certain answer! :-)
Sergey Alexandrovich Kryukov 23-Sep-12 20:28pm    
But not precisely correct. It all depends on what period of time it should be protected. Please see my answer.
--SA
pasztorpisti 23-Sep-12 16:13pm    
Build a read-only removable USB drive with your files on it, burnt for example to some kind of ROM, get a screwdriver and install it into the machine.
Sergey Alexandrovich Kryukov 23-Sep-12 20:31pm    
I don't think that might satisfy the OP, but it's a good way of going beyond the assumed conditions...
I actually provided an answer, please see.
--SA

It is quite possible to lock the files this way, of course, on a temporary basis. To do that, it's enough to open the files for exclusive access (which happens by default), and keep them open. If this is a Windows Service, it can be restarted automatically on system reboot; and the application processes won't stop if a user logs out and other users log in.

Of course, the administrator can always kill your process, but we are not talking about the impossible, right? After all, anyone can reformat the hard drive, but this is not what you want to take into account, I hope.

—SA
Comments
pasztorpisti 23-Sep-12 20:56pm    
+5 this might work, at least I don't know any way to circumvent it
Sergey Alexandrovich Kryukov 23-Sep-12 21:00pm    
Thank you.
--SA
Mohibur Rashid 23-Sep-12 20:56pm    
It's a fact that you can always create a service both in Linux and Windows to lock a file. But the OP doesn't want his file to be deleted even by the administrator. I also don't think the admin will like the idea of losing control of the system either. If the machine has multiple admins, then the suggestion would be: don't give your admin password to everyone around you. And the admin must know about the OP's application. The OP must also think about a regular backup procedure, because even if the admin is smart enough not to destroy your important things, the OP's machine can fail. The hard disk can be corrupted. So in summary, I still think there is a better way to develop an application where nobody needs an option of "No one can delete"
Sergey Alexandrovich Kryukov 23-Sep-12 21:04pm    
What can I say? You should follow strict logic and understand that there is no such thing as a miracle.
I just answered your question, and answered in full, because everything else is just permissions the admin can change.

"Nobody needs an option..." is probably the best approach, but remember that you did not describe your ultimate goal, so a different approach could not possibly be advised. I think you should review your general approach. And accept this answer formally (green button)...
--SA
Mohibur Rashid 23-Sep-12 21:14pm    
I didn't ask :) the question hehehe..

Besides I gave you a +5 for your answer

Your problem cannot be resolved through technical means. It requires a management control too.

You need to have a good logging/monitoring mechanism. This will support management controls.

Creating a good logging mechanism is out of scope of a quick answer :)

Some ideas:
1. Log to a remote computer where the local administrator doesn't have access.

2. Use hardware security modules and store signature keys there. Then use them to sign access logs. In this way the administrator cannot change the signing keys and hence cannot delete/modify the logs undetected.

3. Configure Windows security logging appropriately.
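
An added example, not part of the original answer: ideas 1 and 2 combined as a hash-chained, signed access log whose latest record count and head tag are kept on a remote machine. It assumes an HMAC key standing in for the HSM-held signing key; `hsm_sign`, `append`, `verify` and `demo_log` are hypothetical names, and the events are constructed.

```python
import hashlib, hmac, json

# Assumption: stand-in for a signing key held inside an HSM. In a real
# deployment the HSM computes the signature and the key never leaves it.
HSM_KEY = b"constructed-demo-key"
GENESIS = "0" * 64

def hsm_sign(data: bytes) -> str:
    """Hypothetical HSM call, simulated here with HMAC-SHA256."""
    return hmac.new(HSM_KEY, data, hashlib.sha256).hexdigest()

def _body(seq, event, prev) -> bytes:
    return json.dumps({"seq": seq, "event": event, "prev": prev}, sort_keys=True).encode()

def append(log: list, event: str) -> str:
    """Append an event chained to the previous record; return the new head tag."""
    prev = log[-1]["tag"] if log else GENESIS
    tag = hsm_sign(_body(len(log), event, prev))
    log.append({"seq": len(log), "event": event, "prev": prev, "tag": tag})
    return tag

def verify(log: list, remote_count: int, remote_head: str) -> list:
    """Return the problems found; an empty list means the log is intact.
    remote_count and remote_head are the values last shipped to a machine
    the local administrator cannot reach."""
    problems, prev = [], GENESIS
    for i, rec in enumerate(log):
        expected = hsm_sign(_body(rec["seq"], rec["event"], rec["prev"]))
        if not hmac.compare_digest(expected, rec["tag"]):
            problems.append(f"record {i}: signature mismatch (modified)")
        if rec["seq"] != i or rec["prev"] != prev:
            problems.append(f"record {i}: chain broken (record removed or reordered)")
        prev = rec["tag"]
    if len(log) != remote_count or prev != remote_head:
        problems.append("local log does not match remote head (truncated or replaced)")
    return problems

def demo_log():
    """Constructed sample: four access events; returns (log, head tag)."""
    log, head = [], GENESIS
    for event in ("alice opened ledger.db", "bob exported Q3 report",
                  "bob edited invoice 1041", "alice closed ledger.db"):
        head = append(log, event)
    return log, head

if __name__ == "__main__":
    log, head = demo_log()
    print(verify(log, len(log), head))       # intact log
    print(verify(log[:-1], len(log), head))  # last record deleted
```

With an asymmetric key in the HSM, verification would use only the public key; the HMAC stand-in requires the same key on both sides.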

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)