PDA

View Full Version : how stop users copy a file locate in a desktop?



jason213123
08-08-2011, 11:47 AM
hi,
i have a file stored in the desktop and i want users can
see and open the file but i want disable the option
for users can copy that file
is that possible?
thanks for your help
:)

awaj
08-08-2011, 11:52 AM
what OS are you using? what kind of file is it? and by copy, you mean to a flash drive or something like that, or from emailing it to them?

jason213123
08-08-2011, 12:04 PM
hi,
i using windows xp
the file is a excel file, using a flash drive and email.
thanks for your help
:)

awaj
08-08-2011, 09:38 PM
there isn't too much I know about that. if you right click and go into properties, you can lock the file down pretty well. I know that you can prevent one from editing, but I don't know how to prevent copying to other devices without disabling the devices themselves, and disabling the web to take care of email... that's kind of drastic though

azzey
08-09-2011, 10:41 AM
A quick Google search yielded the following:

How to prevent a file being copied or cut in windows file system?
http://stackoverflow.com/questions/2290149/how-to-prevent-a-file-being-copied-or-cut-in-windows-file-system

Well, this is a hard problem. Even if you get explorer.exe to disable cut&paste, what prevents a user from using the command window? Or writing their own exe to do it? Booting up in linux and reading it?

Still, you have a few options (there will be more, most likely) which you could try:

Use the right permissions: Set the permissions such that the users who you don't want to cut&paste cannot read the file.
Write a device driver which can hook onto the filesystem calls and do that for you.
Encrypt the file.


And some hacky options like:

Use the APPINIT_DLLS regkey to put your own dll to be loaded into each process ( I am not sure if this will work with console process though). Then on your dll load, do IAT hooking to replace the kernel32.dll file calls.
Replace kernel32.dll with your own version. Might have to do some messing around with the PE format etc.


There are no guarantees though. If for instance, you expect them to be able to execute it, but not copy it, you are probably stuck.


If you let people read a file, then they can copy it
http://blogs.msdn.com/b/oldnewthing/archive/2006/12/06/1223600.aspx


There is no "Copy" access mask because copying is not a fundamental file operation. Copying a file is just reading it into memory and then writing it out. Once the bytes come off the disk, the file system has no control any more over what the user does with them.

There are a few ideas there, but as I suspected, there is no way to completely stop someone from copying a file. The bigger question to me is why do you want to stop people from copying the file in the first place?

Paul Komski
08-09-2011, 11:40 PM
If, as appears to be the case, you want to allow users to open the file then they can nearly always save a copy of the file using "Save As" from the application's file menu in the application that was used to open it.

If you want to protect access to the underlying excel data and/or calculations and just be capable of viewing the output you might consider making screenshots of the output from excel as long as there is not a huge amount of display which would entail multiple shreenshots.

If, for example, you have Adobe and use it to make you own pdf files and could import the relevant output into a pdf file then that output can be protected from being copied - other than by screenshot and which is nearly always a way round "copy protection".

More specifics of exactly what you want to achieve might allow peeps to come up with other workarounds or approaches.