Is there a way to secure files created by my application so that it is even impossible for the administrator to delete them?

There is this finance-related application I am working on. I have this concern that fraudulent users might, in order to cover up fraud, delete sensitive files. I wish to know how I can secure such important files and folders from such fraudulent users.
Posted 23-Sep-12 9:40am
Wes Aday 23-Sep-12 15:44pm
pasztorpisti 23-Sep-12 16:13pm
Build a read-only removable USB drive with your files on it, burnt for example to some kind of ROM, get a screwdriver and install it into the machine.
Mohibur Rashid 23-Sep-12 19:40pm
You should learn one very important thing about so-called security. If you can't provide physical security then there is no security at all. You better rethink your design.
Sergey Alexandrovich Kryukov 23-Sep-12 20:28pm
But not precisely correct. It all depends on what period of time it should be protected. Please see my answer.
Sergey Alexandrovich Kryukov 23-Sep-12 20:30pm
This is a good note. Even though I answered the question (please see), the review of the approach could be much better.
Sergey Alexandrovich Kryukov 23-Sep-12 20:31pm
I don't think that might satisfy the OP, but it's a good way of going beyond the assumed conditions...
I actually provided an answer, please see.
pasztorpisti 23-Sep-12 20:52pm
Absolutely true.

Solution 1

It is quite possible to lock the files this way, of course, on a temporary basis. To do that, it's enough to open the files with exclusive access (which happens by default), and keep them open. If this is a Windows Service, it can be restarted automatically on system reboot; and the application processes won't stop if a user logs out and other users log in.

Of course, the administrator can always kill your process, but we are not talking about the impossible, right? After all, anyone can reformat the hard drive, but this is not what you want to take into account, I hope.

pasztorpisti 23-Sep-12 20:56pm
+5 this might work, at least I don't know any way to circumvent it
Mohibur Rashid 23-Sep-12 20:56pm
It's a fact that you can always create a service both in Linux and Windows to lock a file. But the OP doesn't want his file to be deleted even by the administrator. I also don't think the admin will like the idea of losing control of the system either. If the machine has multiple admins, then the suggestion would be: don't give your admin password to everyone around you. And the admin must know about the OP's application. As well, the OP must think about a backup procedure at regular intervals. Because even if the admin is smart enough not to destroy your important things, the OP's machine can fail. The hard disk can be corrupted. So in summary, I still think there is a better way to develop an application where nobody needs an option of "No one can delete".
Sergey Alexandrovich Kryukov 23-Sep-12 21:00pm
Thank you.
Sergey Alexandrovich Kryukov 23-Sep-12 21:04pm
What can I say? You should follow strict logic and understand that there is no such thing as a miracle.
I just answered your question, and answered in full, because everything else is just permissions the admin can change.

"Nobody needs an option..." is probably the best approach, but remember that you did not describe your ultimate goal, so a different approach could not possibly be advised. I think you should review your general approach. And accept this answer formally (green button)...
Mohibur Rashid 23-Sep-12 21:14pm
I didn't ask :) the question hehehe..

Besides I gave you a +5 for your answer
Thank you, Mohibur.
Sorry, I replied to you as to OP by mistake...

Solution 2

Your problem cannot be resolved through technical means. It requires a management control too.

You need to have a good logging/monitoring mechanism. This will support management controls.

Creating a good logging mechanism is out of scope of a quick answer :)

Some ideas:
1. Log to a remote computer where the local administrator doesn't have access.

2. Use hardware security modules and store signature keys there. Then use them to sign access logs. In this way the administrator cannot change the signing keys and hence cannot delete/modify the logs undetected.

3. Configure Windows security logging appropriately.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
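
An added example, not part of the original answers, sketching ideas 1 and 2 of Solution 2: each log entry is signed over its sequence number and the previous entry's tag, and the latest tag is kept on a remote host, so edits, deletions and tail truncation are all detectable. Assumptions: `hsm_sign`, `append_entry` and `verify_log` are hypothetical names, an HMAC with a local key stands in for the HSM signing call, and the log events are constructed.

```python
import hashlib
import hmac
import json

# Assumption: in a real deployment the key never leaves the HSM and hsm_sign()
# is an HSM call; a local HMAC key is used only so the example runs offline.
HSM_KEY = b"constructed-demo-key"
GENESIS = "0" * 64  # "previous tag" value for the first entry

def hsm_sign(data: bytes) -> str:
    """Stand-in for the HSM signing operation (hypothetical helper)."""
    return hmac.new(HSM_KEY, data, hashlib.sha256).hexdigest()

def _payload(seq: int, prev_tag: str, event: str) -> bytes:
    return json.dumps({"seq": seq, "prev": prev_tag, "event": event},
                      sort_keys=True).encode()

def append_entry(log: list, event: str) -> str:
    """Append an event; its tag covers the sequence number and previous tag."""
    seq = len(log)
    prev_tag = log[-1]["tag"] if log else GENESIS
    tag = hsm_sign(_payload(seq, prev_tag, event))
    log.append({"seq": seq, "prev": prev_tag, "event": event, "tag": tag})
    return tag  # head tag: ship it to the remote log host (idea 1)

def verify_log(log: list, remote_head: str):
    """Return (ok, reason); remote_head is the last tag recorded off-box."""
    prev_tag = GENESIS
    for i, e in enumerate(log):
        if e["seq"] != i or e["prev"] != prev_tag:
            return False, f"chain broken at entry {i}"
        expected = hsm_sign(_payload(e["seq"], e["prev"], e["event"]))
        if not hmac.compare_digest(expected, e["tag"]):
            return False, f"entry {i} modified"
        prev_tag = e["tag"]
    if prev_tag != remote_head:
        return False, "tail truncated"
    return True, "ok"

def demo() -> dict:
    log, head = [], GENESIS
    for ev in ("open ledger.dat user=alice",      # constructed sample events
               "write ledger.dat user=alice",
               "delete ledger.bak user=admin"):
        head = append_entry(log, ev)
    edited = [dict(e) for e in log]
    edited[2]["event"] = "read ledger.bak user=admin"   # rewrite an entry
    return {"intact": verify_log(log, head),
            "edited": verify_log(edited, head),
            "dropped": verify_log(log[:1] + log[2:], head),  # remove middle entry
            "truncated": verify_log(log[:2], head)}          # cut off the tail
```

The signature chain alone cannot reveal removal of the newest entries; that detection depends on the head tag stored where the local administrator has no access.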

Last Updated 25 Sep 2012