[PySIL] Securing files
software-develop_philippines at sil.org
Thu Feb 24 15:36:58 CET 2011
> The problem isn't so much the database itself,
> as I can think of a number of way to encrypt the data it contains,
> but some of the data is simply names of image and video files
> contained elsewhere in the file-system.
Actually, this is something like I had to think through with a prayer/newletter archiving program.
> One way that I can think of would be to encode the image/video files
> as BLOBS and store them in the database itself, but apart from that
> option, can anyone suggest other ways?
The problem with this method is that if you need to store large pieces of data there may be a data transmission limit (eg. how long your SQL insert can be) when storing the data. Increasing the size allowed fixes that problem, but writing it straight to the file-system bypasses that problem completely.
And if you have a web interface, the question becomes one of a denial of service attacks and sql injection attacks. And if you write in a path accessible by the web server (/home/prayerletters/public_html/...), you've opened the data to the world too, so you must write elsewhere. This, however, leads to your question of people just changing directories and looking at the files themselves.
This is where another UserID (prayerletters) comes in. If you can store the files in a directory that only a specific user can access (/home/prayerletters/Letters/...), then the program can run as that UserID to process/display the data.
Anyone that can change directories can't get into the directory to view them, unless they are administrators or that specific user. This solves the problem, and is relatively simple compared to encryption.
Though, I don't know how simple under windows. This link may be helpful:
It would also complicate installation, as the install program would somehow need to create the new user (if running atand alone). If running in a domain environment, you could use a domain user and path on a server to secure it. As you can see, the working environment really changes how you implement the other UserID.
Though, remember to make it not your UserID, because if you change the password, then the program will stop working when you change your password. :)
Hope this helps the planning process a little.
More information about the Python-list