Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

data security

Posted on 2004-04-21
10
Medium Priority
?
190 Views
Last Modified: 2013-12-27
HI,

I would like to protect my Java programs(Complete Product) from root/users. Basicly I need to install my product to remote location for demo purpose, they have root access. Now I want protect my data from local administrator.

Is there any tools like Folder encryption available on solaris?


0
Comment
Question by:arvind
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 12

Expert Comment

by:stefan73
ID: 10877058
Hi arvind,
You cannot protect your product from a root user. root is always able to read all files. Even if you use ACLs to disable root from accessing your files, it won't work, because root can simply su to your demo user.

The only solution is a license server, or something similar.

Cheers,
Stefan
0
 
LVL 5

Author Comment

by:arvind
ID: 10877083
could you please give some info about licsense server?
0
 
LVL 4

Expert Comment

by:Otetelisanu
ID: 10886089
What say Stefan73 is OK !!

but  you can use crypt and you have the file protect
 with passwd .
Only with passwd can see the file or use.

Example:
[root@pluto:/db/xx] ll
-rw-rw-rw-   1 root     other         19 Apr 22 08:42 testkrypt
[root@pluto:/db/xx] cat testkrypt
Das ist ein Test
[root@pluto:/db/xx] crypt <testkrypt >testkrypt.krp
Enter key: hier is passwd
[root@pluto:/db/xx] ll
-rw-rw-rw-   1 root     other         19 Apr 22 08:42 testkrypt
-rw-rw-rw-   1 root     other         19 Apr 22 08:45 testkrypt.krp
[root@pluto:/db/xx] cat testkrypt.krp
&#65533;"|:&#65533;w&#65533;&#65533;j&#65533;)&#65533;
[root@pluto:/db/xx] (you can delete testkrypt)
[root@pluto:/db/xx] rm testkrypt
[root@pluto:/db/xx]
[root@pluto:/db/xx] crypt <testkrypt.krp
Enter key: hier is passwd
Das ist ein Test
or
[root@pluto:/db/xx] crypt <testkrypt.krp >testkrypt
Enter key:
[root@pluto:/db/xx] ll
-rw-r--r--   1 root     other         19 Apr 22 08:55 testkrypt
-rw-rw-rw-   1 root     other         19 Apr 22 08:45 testkrypt.krp
[root@dfwdba2:/db/xx] cat testkrypt
Das ist ein Test
[root@pluto:/db/xx]












0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Author Comment

by:arvind
ID: 10886189
I would like to protact folders
0
 
LVL 1

Expert Comment

by:SBK1972_uk
ID: 10886342
Hi,

when encryted, can o/s process still read this file ?? Or would they need to un-encryt  this file first ??  E.g Say the file contained a list of important email's which are piped into a simple smtp client, if encrypted, does this mean that this process wouldnt work ??

Cheers
Simon
0
 
LVL 5

Author Comment

by:arvind
ID: 10886347
basicly my product will work with one user -- so I would like to encrypt folders based on that user
0
 
LVL 1

Expert Comment

by:mdhmi
ID: 10903708

I would set up the demo on one of *your* systems and then allow your prospective customers to access it via a restricted user id.

Mark
0
 
LVL 5

Author Comment

by:arvind
ID: 10935821
but systems belongs to customer only -- so they have root access, I need to show demo on there permises and also protect my product
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 11387663
PAQed, with points refunded (250)

modulo
Community Support Moderator
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question