do not allow users to copy files

[David Bogdan]

I want to set up the server to allow read and write to a
particular file, but not allow the user to copy the
entire file to his or her hard drive. Is there a way to
do this?


Thanks

 

[SaltPeter]

I want to set up the server to allow read and write to a
particular file, but not allow the user to copy the
entire file to his or her hard drive. Is there a way to
do this?


Thanks

If a user has the permission to read a file, he or she can copy it since
this does not involve the deletion or modification of the file on the
server. The only way to prevent the copy to take place is to provide an
"interface" between the data and the user. In other words, the user should
only access/modify the data through a "redirector".

To make the point clearer, the file's contents exists as a copy on the
client while the user is reading or modifying it. Think of the file's
contents as a document which does *not* exist at the server, its processed
locally at the client and then changes comitted back to the file on the
server (if any changes there are).

What you seek is a form-based or record-based application that generates the
interface between the data set and the user(s). ASP + ODBC, an MFC or NET
form-based or record-based application, etc...

 

[dbogdan]

-----Original Message-----



If a user has the permission to read a file, he or she can copy it since
this does not involve the deletion or modification of the file on the
server. The only way to prevent the copy to take place is to provide an
"interface" between the data and the user. In other words, the user should
only access/modify the data through a "redirector".

To make the point clearer, the file's contents exists as a copy on the
client while the user is reading or modifying it. Think of the file's
contents as a document which does *not* exist at the server, its processed
locally at the client and then changes comitted back to the file on the
server (if any changes there are).

What you seek is a form-based or record-based application that generates the
interface between the data set and the user(s). ASP + ODBC, an MFC or NET
form-based or record-based application, etc...


.
OK I understand what you are saying. As a matter of

fact, the application is Net based, so perhaps I am
deploying security in the wrong manner? The program does
have it's own security built into it, however access must
be given to the server drive that the database resides
on. The engine is actually excuted locally. I wonder if
I give permissions to the Application and not the user,
if that works.

 

[SaltPeter]

fact, the application is Net based, so perhaps I am
deploying security in the wrong manner? The program does
have it's own security built into it, however access must
be given to the server drive that the database resides
on. The engine is actually excuted locally. I wonder if
I give permissions to the Application and not the user,
if that works.

Try asking your question in a NET newsgroup. There are a number of policy
based solutions involving the NET application's access restrictions. Some of
it is controlled by the admin and others are relevent to the design of the
application itself (including access to a database, SQL and local
resources). The various options are going to depend on how you are
authenticating the incoming users (as in the case of an ASP.NET
application).