Solved

data security

Posted on 2004-04-21
10
186 Views
Last Modified: 2013-12-27
HI,

I would like to protect my Java programs(Complete Product) from root/users. Basicly I need to install my product to remote location for demo purpose, they have root access. Now I want protect my data from local administrator.

Is there any tools like Folder encryption available on solaris?


0
Comment
Question by:arvind
10 Comments
 
LVL 12

Expert Comment

by:stefan73
ID: 10877058
Hi arvind,
You cannot protect your product from a root user. root is always able to read all files. Even if you use ACLs to disable root from accessing your files, it won't work, because root can simply su to your demo user.

The only solution is a license server, or something similar.

Cheers,
Stefan
0
 
LVL 5

Author Comment

by:arvind
ID: 10877083
could you please give some info about licsense server?
0
 
LVL 4

Expert Comment

by:Otetelisanu
ID: 10886089
What say Stefan73 is OK !!

but  you can use crypt and you have the file protect
 with passwd .
Only with passwd can see the file or use.

Example:
[root@pluto:/db/xx] ll
-rw-rw-rw-   1 root     other         19 Apr 22 08:42 testkrypt
[root@pluto:/db/xx] cat testkrypt
Das ist ein Test
[root@pluto:/db/xx] crypt <testkrypt >testkrypt.krp
Enter key: hier is passwd
[root@pluto:/db/xx] ll
-rw-rw-rw-   1 root     other         19 Apr 22 08:42 testkrypt
-rw-rw-rw-   1 root     other         19 Apr 22 08:45 testkrypt.krp
[root@pluto:/db/xx] cat testkrypt.krp
&#65533;"|:&#65533;w&#65533;&#65533;j&#65533;)&#65533;
[root@pluto:/db/xx] (you can delete testkrypt)
[root@pluto:/db/xx] rm testkrypt
[root@pluto:/db/xx]
[root@pluto:/db/xx] crypt <testkrypt.krp
Enter key: hier is passwd
Das ist ein Test
or
[root@pluto:/db/xx] crypt <testkrypt.krp >testkrypt
Enter key:
[root@pluto:/db/xx] ll
-rw-r--r--   1 root     other         19 Apr 22 08:55 testkrypt
-rw-rw-rw-   1 root     other         19 Apr 22 08:45 testkrypt.krp
[root@dfwdba2:/db/xx] cat testkrypt
Das ist ein Test
[root@pluto:/db/xx]












0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
LVL 5

Author Comment

by:arvind
ID: 10886189
I would like to protact folders
0
 
LVL 1

Expert Comment

by:SBK1972_uk
ID: 10886342
Hi,

when encryted, can o/s process still read this file ?? Or would they need to un-encryt  this file first ??  E.g Say the file contained a list of important email's which are piped into a simple smtp client, if encrypted, does this mean that this process wouldnt work ??

Cheers
Simon
0
 
LVL 5

Author Comment

by:arvind
ID: 10886347
basicly my product will work with one user -- so I would like to encrypt folders based on that user
0
 
LVL 1

Expert Comment

by:mdhmi
ID: 10903708

I would set up the demo on one of *your* systems and then allow your prospective customers to access it via a restricted user id.

Mark
0
 
LVL 5

Author Comment

by:arvind
ID: 10935821
but systems belongs to customer only -- so they have root access, I need to show demo on there permises and also protect my product
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 11387663
PAQed, with points refunded (250)

modulo
Community Support Moderator
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question