保护文件不被读取 - 除特定应用程序外 [英] Protecting a file from reading - except from specific applications
问题描述
我有一个应该在第三方程序中打开的文件。该文件在需要之前已加密。当用户运行我的C#程序时,它将解密文件,使用第三方软件打开它,然后当软件完成时,它将重新加密文件。第三方不能自己进行加密和解密。
此设置的问题是在第三方程序打开期间,文件被暴露致全世界。它可以复制并粘贴到其他地方,破坏了加密的目的。
我想修复这个漏洞。我不知道如何防止文件被复制。我尝试使用名为Dokan的虚拟文件系统,这应该允许我更改文件的读取或写入方式。它的主要问题是我无法弄清楚如何控制该文件的读/写以防止复制。我认为Dokan也需要NTFS文件系统,我不应该假设最终用户有。
是否有另一种控制文件读/写的方法C#?
I have a file which should be opened in a third-party program. That file is encrypted until it is needed. When the user runs my C# program, it will decrypt the file, open it with the third-party software, then when the software is done, it will re-encrypt the file. The third-party cannot do the encryption and decryption itself.
The problem with this setup is that during the time the third-party program is open, the file is exposed to the world. It can be copied and pasted elsewhere, ruining the purpose of the encryption.
I''d like to fix this flaw. I''m not sure how to prevent the file from being copied. I tried using a virtual file system called Dokan, which will supposedly allow me to change how a file is read or written to. The main problem with it is that I can''t figure out how to control the read/write of this file to prevent copying. I think Dokan also requires NTFS filesystems, which I shouldn''t assume the end-user has.
Is there another way to control read/write on a file in C#?
推荐答案
不是真的。我真正看到的唯一选择是解密内存中的文件并将其传递给第三方应用程序。
这个缺陷实际上在于第三方的事实应用程序本身不进行加密/解密,并且没有提供传递解密信息的方法。
Not really. The only option I really see is decrypting the file in-memory and passing that to the third-party application.
The flaw really lies in the fact that the third party application doesn''t do the encryption/decryption itself AND doesn''t provide a way to pass in the decrypted information.
找到我的问题。虽然整个方案有点不正统,但修改目标应用程序本身并不实用。
我最后重新审视了Dokan解决方案。 Dokan从空文件夹中创建一种虚拟硬盘驱动器或创建新驱动器。这次我以我想要的方式成功修改了它,现在我可以控制各种应用程序如何与文件交互。
Found out my issue. Granted the whole scheme is a bit unorthodox, but modifying the target application itself isn''t practical.
I ended up revisiting the Dokan solution. Dokan creates a sort of virtual hard drive out of an empty folder or creates a new drive. This time I successfully modified it in the way I want, and now I can control how various applications interact with the file.
这篇关于保护文件不被读取 - 除特定应用程序外的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
