Avatar of rocktilldie
rocktilldie
 asked on

How to delete a file after user close it

Hi, Expert,

Now I'm implementing a encrypt software, all file is encrypted in a folder,
But when user wanna excute the file, I need decrypt the file and use CreateFile and WriteFile function copy it to a temp file. Then use ShellExecute let user can excute the file. when user edit and save the temp one, I'll encrypt back to the origin encrypt file.

Now my problem is, After user close the file, I need delete the temp one, because all it's content is not encrypt.

I search long time on internet, Can't use "open exclusive" to check is the file opened, because it can't detect notepad or ultraedit, also can't search the window's title to check have the file name or not, because some program may not show file name on window's title.

I found CreateFile have a param FILE_FLAG_DELETE_ON_CLOSE, but can't figure out how to solve my problem, or can you provide any other solution? Thanks!!

 
System Programming

Avatar of undefined
Last Comment
AndyAinscow

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
mahesh1402

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
mahesh1402

AlexFM

>> Can't use "open exclusive" to check is the file opened, because it can't detect notepad or ultraedit.

I don't have complete solution, but about this point: you can delete file while user edits it in Notepad. Run Notepad and wait for file loading using WaitForInputIdle. Then delete file. User cal still save this file and doesn't know anything about this. When Notepat exits, you can encrypt and delete file.

However, there are a lot of problems in your approach. User can save file with other name, and you don't know about this. User can save file but remain in Notepad. If you work with external programs, this is not secure.
Alkali_Guy

Just found the function ShellExecuteEx.  It will give you the instance handle of the program it opened.  You could install a system-wide hook DLL and have it call a function in your application whenever the window gets the WM_NCDESTROY message.  I'm not sure how to get the window from the instance handle though.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Alkali_Guy

GetWindowThreadProcessId?
Alkali_Guy

Oh, my above suggestion probably won't work.  MSDN says of hInstApp:

"Although hInstApp is declared as an HINSTANCE for compatibility with 16-bit Windows applications, it is not a true HINSTANCE."
AndyAinscow

I agree with Alex - your approach is not secure.
You would be better letting the user edit the file inside your app.  You could display the file contents inside a multilline edit control for example.  No need to create a temporary file.  Just decrypt the file and display inside an edit control in your app.  After the user has changed it then encrypt the contents of the edit control and resave the encrypted file back to disk.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
wayside

> I need decrypt the file and use CreateFile and WriteFile function copy it to a temp file.

What's going to stop the user from making a copy of the unencrypted file while it sits in the temp directory? What if they cut and paste the entire contents of the file from notepad into some other program? Plus Save-as, as already mentioned.

Your approach is extremely easy to circumvent, and provides virtually no security.

You need to rethink how to do what you want.
mxjijo


Ideally you should be writing a filesystem filter driver - pain !!

May be you can try system wide API hooks (dll inject or so)

You should hook all file operations such as CreateFile, WriteFile, ReadFile etc
Let your encryption layer handle all these file requests.
ReadFile handler --> decrypt
WriteFile handler --> encrypt
In that way you don't have to create a temp copy - file execution and your encode/decode will work transparently.

Securing cut-paste operations is kind of tricky. There is no easy methods to solve it.
Its a fine line between secutity and usability.
Usually people will end-up making their security either too restrictive or too open :)

good luck anyway.
~j
AndyAinscow

Out of interest how did you solve it?
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
mxjijo


yeah.. wow! how did you solve it so quickly ? :)
If u're using self-deleting executables, remember they cannot delete themselves if they crash !!

good luck anyway..
~j

AndyAinscow

And one doesn't usually open an exe in notepad to view/edit it either.