Solved

data security

Posted on 2004-04-21
10
183 Views
Last Modified: 2013-12-27
HI,

I would like to protect my Java programs(Complete Product) from root/users. Basicly I need to install my product to remote location for demo purpose, they have root access. Now I want protect my data from local administrator.

Is there any tools like Folder encryption available on solaris?


0
Comment
Question by:arvind
10 Comments
 
LVL 12

Expert Comment

by:stefan73
ID: 10877058
Hi arvind,
You cannot protect your product from a root user. root is always able to read all files. Even if you use ACLs to disable root from accessing your files, it won't work, because root can simply su to your demo user.

The only solution is a license server, or something similar.

Cheers,
Stefan
0
 
LVL 5

Author Comment

by:arvind
ID: 10877083
could you please give some info about licsense server?
0
 
LVL 4

Expert Comment

by:Otetelisanu
ID: 10886089
What say Stefan73 is OK !!

but  you can use crypt and you have the file protect
 with passwd .
Only with passwd can see the file or use.

Example:
[root@pluto:/db/xx] ll
-rw-rw-rw-   1 root     other         19 Apr 22 08:42 testkrypt
[root@pluto:/db/xx] cat testkrypt
Das ist ein Test
[root@pluto:/db/xx] crypt <testkrypt >testkrypt.krp
Enter key: hier is passwd
[root@pluto:/db/xx] ll
-rw-rw-rw-   1 root     other         19 Apr 22 08:42 testkrypt
-rw-rw-rw-   1 root     other         19 Apr 22 08:45 testkrypt.krp
[root@pluto:/db/xx] cat testkrypt.krp
&#65533;"|:&#65533;w&#65533;&#65533;j&#65533;)&#65533;
[root@pluto:/db/xx] (you can delete testkrypt)
[root@pluto:/db/xx] rm testkrypt
[root@pluto:/db/xx]
[root@pluto:/db/xx] crypt <testkrypt.krp
Enter key: hier is passwd
Das ist ein Test
or
[root@pluto:/db/xx] crypt <testkrypt.krp >testkrypt
Enter key:
[root@pluto:/db/xx] ll
-rw-r--r--   1 root     other         19 Apr 22 08:55 testkrypt
-rw-rw-rw-   1 root     other         19 Apr 22 08:45 testkrypt.krp
[root@dfwdba2:/db/xx] cat testkrypt
Das ist ein Test
[root@pluto:/db/xx]












0
 
LVL 5

Author Comment

by:arvind
ID: 10886189
I would like to protact folders
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Expert Comment

by:SBK1972_uk
ID: 10886342
Hi,

when encryted, can o/s process still read this file ?? Or would they need to un-encryt  this file first ??  E.g Say the file contained a list of important email's which are piped into a simple smtp client, if encrypted, does this mean that this process wouldnt work ??

Cheers
Simon
0
 
LVL 5

Author Comment

by:arvind
ID: 10886347
basicly my product will work with one user -- so I would like to encrypt folders based on that user
0
 
LVL 1

Expert Comment

by:mdhmi
ID: 10903708

I would set up the demo on one of *your* systems and then allow your prospective customers to access it via a restricted user id.

Mark
0
 
LVL 5

Author Comment

by:arvind
ID: 10935821
but systems belongs to customer only -- so they have root access, I need to show demo on there permises and also protect my product
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 11387663
PAQed, with points refunded (250)

modulo
Community Support Moderator
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
sed -- search an replace multiple pattern 11 69
IBM flash storage 840 15 59
UNiX Script filesystem space usage 19 69
Write an app 10 67
Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now