Securing files

Dr Vangel 470e8b8c35950 at poster.grepler.com
Thu Feb 24 07:30:45 CET 2011


>On Wed, Feb 23, 2011 at 11:48 AM, Timothy W. Grove <tim_grove at sil.org>
>wrote:
>> Hello Folks,
>>
>> In a python application that I'm developing I've been asked to add
>security
>> to databases that the program might create and access; the database
>is to be
>> password protected by its creator. The application uses an SQLite
>database,
>> which could be changed for another back-end if that would offer
>better
>> security, but I would still like to use an embeddable database
>file.
>>
>> The problem isn't so much the database itself, as I can think of a
>number of
>> way to encrypt the data it contains, but some of the data is simply
>names of
>> image and video files contained elsewhere in the file-system. Is
>there
>> anyway to prevent a user from simply opening up the file-system
>from outside
>> of the application and viewing the files? One way that I can think
>of would
>> be to encode the image/video files as BLOBS and store them in the
>database
>> itself, but apart from that option, can anyone suggest other ways?
>I'm
>> currently working with python2.7 under Windows7, but I'm hoping to
>extend
>> the application to Linux and Mac also. Thank you for your help.
>
>I don't know much about your system, but just as a hunch I'd say that
>if this is a major requirement you're screwed. The old maxim: there
>is
>no cryptographic solution to the problem in which the attacker and
>intended recipient are the same person.
>
>Geremy Condra

Create a Group or User permission object in Windows where only your 
application is the member of the group and assign file access to ONLY this 
User/Group. This way regular users apart from administrator cannot access 
the folder/files. Thats one way of doing it if i understand you correctly.


----------------------------
posted via Grepler.com -- poster is authenticated.
begin 644 
end




More information about the Python-list mailing list