On Wed, Feb 23, 2011 at 11:48 AM, Timothy W. Grove <tim_gr...@sil.org>
wrote:
Hello Folks,
In a python application that I'm developing I've been asked to add
security
to databases that the program might create and access; the database
is to be
password protected by its creator. The application uses an SQLite
database,
which could be changed for another back-end if that would offer
better
security, but I would still like to use an embeddable database
file.
The problem isn't so much the database itself, as I can think of a
number of
way to encrypt the data it contains, but some of the data is simply
names of
image and video files contained elsewhere in the file-system. Is
there
anyway to prevent a user from simply opening up the file-system
from outside
of the application and viewing the files? One way that I can think
of would
be to encode the image/video files as BLOBS and store them in the
database
itself, but apart from that option, can anyone suggest other ways?
I'm
currently working with python2.7 under Windows7, but I'm hoping to
extend
the application to Linux and Mac also. Thank you for your help.
I don't know much about your system, but just as a hunch I'd say that
if this is a major requirement you're screwed. The old maxim: there
is
no cryptographic solution to the problem in which the attacker and
intended recipient are the same person.
Geremy Condra
Create a Group or User permission object in Windows where only your
application is the member of the group and assign file access to ONLY this
User/Group. This way regular users apart from administrator cannot access
the folder/files. Thats one way of doing it if i understand you correctly.
----------------------------
posted via Grepler.com -- poster is authenticated.
begin 644
end
--
http://mail.python.org/mailman/listinfo/python-list
