L
LJ
Hi there security guru!
I have a simple question that boggles my mind. I have written a VB6
application that creates a file on a fileserver. Obviously, the user has
sufficient security rights to launch the application, which in turn has
enough security rights to create and alter that file. Once the file has been
created, the application itself does not allow the user to delete it and all
changes to it are recorded in the file itself.
My problem is that I want to restrict the user to alter or delete the file
created by this application using anything but the application itself (e.i.
if the user tries to delete the file using the explorer or any other tool,
she should get an Access denied error). This looks like a classical Catch-22
to me, have I overlooked the obvious?
Some extra info: the app runs on Windows Workstation NT4 (still!) and I'm
not afraid of using some Windows API functions.
Any thoughts?
Thanks for using your brain!
I have a simple question that boggles my mind. I have written a VB6
application that creates a file on a fileserver. Obviously, the user has
sufficient security rights to launch the application, which in turn has
enough security rights to create and alter that file. Once the file has been
created, the application itself does not allow the user to delete it and all
changes to it are recorded in the file itself.
My problem is that I want to restrict the user to alter or delete the file
created by this application using anything but the application itself (e.i.
if the user tries to delete the file using the explorer or any other tool,
she should get an Access denied error). This looks like a classical Catch-22
to me, have I overlooked the obvious?
Some extra info: the app runs on Windows Workstation NT4 (still!) and I'm
not afraid of using some Windows API functions.
Any thoughts?
Thanks for using your brain!