How do I prevent user to open a file (Text File) in note pad or any text editor?

Question

1.50/5 (2 votes)

See more:

So here's my situation: Let's say I have an app that has a .config file where it saves all of the app's connection strings and other very important data: such as sql password

Is there a way for me to hide the config file or perhaps password protect it (with or without third party app) without affecting the app that accesses that file? or even hide or password protect the whole directory so I'll just add a shortcut to the run file of the app?

I need to do this since in our workplace the physical server is not password protected during startup because of unexpected power interruptions other people can turn back the server on, I just need to prevent those other people from accessing these files that they wont be getting the password or worst change it to something I don't know.

Screen saver with password is also not an option by the way.

Thanks in advance :)

PS: please try not to suggest to change the personnel and the way we interact with each other. :)

Posted 25-Nov-15 14:11pm

phyxian

Add a Solution

Comments

PIEBALDconsult 25-Nov-15 20:30pm

Basically, no.
Can you not use integrated security for the database? Then you can put the sensitive configuration in there instead of in a file.
And it sounds like your place is pretty screwed up if you honestly have such a concern.

phyxian 25-Nov-15 20:42pm

the problem is Im not the one who made the app so basically I can't implement new security protocols with it. And sadly the devs are now nowhere to be found. They provided the app in an as-is basis and not even open source

PIEBALDconsult 25-Nov-15 21:05pm

Perhaps you could have the process that starts the application replace the existing config file with a known-good version immediately before starting it?

phyxian 25-Nov-15 21:16pm

Im not so sure if that's possible for me, first is that I'm not much of an expert when it comes to that, and second I still dont fully understand how the apps loads everything before it displays its UI

2 solutions

Solution 2

I found a good third party application here
https://code.google.com/p/lock-a-folder/[^]

it contains password protection and the whole directory is hidden and yet still accessible via shortcut.

Posted 25-Nov-15 14:47pm

phyxian

Comments

BillWoodruff 25-Nov-15 21:09pm

I suggest you study the comments here before you use this ("abandoned by developers") code:

https://code.google.com/p/lock-a-folder/issues/detail?id=64

phyxian 25-Nov-15 21:20pm

It's not really that of a secured application but as I tried it in my test PC it does not interfere with the normal functions of the application I need to protect. It will be nice to have a better third party encrypting application, so I am still looking and will all possible options. Also when it hid the whole directory and I change folder settings to view hidden files and folders and show protected operating system files, sure it did show the folder but double clicking the folder it says that its inaccessible, thus I considered it as a plausible answer

PIEBALDconsult 25-Nov-15 21:43pm

Please don't answer your own question.

phyxian 26-Nov-15 0:41am

Im sorry for that :( I just want to post what I found out. That wont happen again

BillWoodruff 26-Nov-15 1:35am

Hi Piebald, the issue of OP answering their own question has been discussed a few times here; as I understand it, Chris says it's okay. Of course, we are free to vote on the "quality" of the solution. cheers, Bill

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

DanielBrownAU · Accepted Answer · 2015-11-25T14:28:00

Solution 1

Look at using encryption in the app.config

But then again, will this matter as they could just create an account on the server anyway?

Encrypting Passwords in a .NET app.config File - http://weblogs.asp.net/jongalloway/encrypting-passwords-in-a-net-app-config-file[^]

Encrypting and Decrypting application config sections - http://davidgiard.com/2012/06/05/EncryptingAndDecryptingApplicationConfigSections.aspx[^]

-DB

Posted 25-Nov-15 14:28pm

DanielBrownAU

Comments

phyxian 25-Nov-15 20:45pm

I like those article and maybe I'll try to add them to my applications but the problem is that I am not the one who developed that app, the dev's are nowhere to be found and I just need to protect that config file, it will not matter whether they create any number of accounts, the app will still read that fixed particular file in the directory it is saved to