security in .NET: protecting application data FROM users!?


Brett Vasconcellos

I am trying to write some .NET code that can save data to the hard
drive in such a way that an unauthorized user cannot tamper with it.

The main issue I am struggling with is that it appears all the .NET
security only RESTRICTS the default NT security/permissions. I need a
way that the user can run my application, and the application can read
and write to its data files, but the user cannot read/edit/delete
these files.

I've looked at "Isolated Data Storage" and "Code Access Security" but
it doesn't appear that either of these mechanisms will help me.

The only method I can think of for this is to (A) create a new user on
the machine during installation that has more ACL permissions than
untrusted users, i.e. this new user can access the data files, but
untrusted users cannot, and (B) have my application use
LogonUser/ImpersonateLoggedOnUser/WindowsIdentity.Impersonate to
access these protected files. Of course, a really determined
malicious user could find a way to do (B) and access the files.

Does anyone see a better (easier and/or more secure) method of
achieving this?

-Brett
 
You could have a service that runs in the correct user context, and
then communicate cross-process to that service. Not easier, but more
secure, since the untrusted user has no access to impersonate the real
user.

-mike
MVP
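
The service approach from the reply above, as an added example that is not part of the original thread. It targets .NET Framework on Windows and serves one client at a time; the pipe name `ExampleAppData`, the data directory, the `DataBroker` class and the `GET`/`SET` message format are all assumptions.

```csharp
using System.IO;
using System.IO.Pipes;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Text;
using System.Text.RegularExpressions;
static class DataBroker   // hosted in a Windows service; all names here are assumptions
{
    // Assumed path; the installer ACLs it so that only the service account has access.
    const string DataDir = @"C:\ProgramData\ExampleApp\data";
    static readonly Regex Key = new Regex(@"^[A-Za-z0-9_]{1,32}\z");
    public static void Serve()
    {
        var acl = new PipeSecurity();   // users may connect and exchange messages only
        acl.AddAccessRule(new PipeAccessRule(new SecurityIdentifier(
            WellKnownSidType.AuthenticatedUserSid, null), PipeAccessRights.ReadWrite, AccessControlType.Allow));
        acl.AddAccessRule(new PipeAccessRule(WindowsIdentity.GetCurrent().User,
            PipeAccessRights.FullControl, AccessControlType.Allow));
        // One long-lived instance reused via Disconnect(), so the pipe name is never free.
        using (var pipe = new NamedPipeServerStream("ExampleAppData", PipeDirection.InOut,
            1, PipeTransmissionMode.Message, PipeOptions.None, 4096, 4096, acl))
        {
            var buf = new byte[4096];
            while (true)
            {
                pipe.WaitForConnection();
                try
                {
                    int n = pipe.Read(buf, 0, buf.Length);   // one message, bounded size
                    string reply = pipe.IsMessageComplete ? Handle(Encoding.UTF8.GetString(buf, 0, n)) : "ERR too long";
                    byte[] data = Encoding.UTF8.GetBytes(reply);
                    pipe.Write(data, 0, data.Length);
                    pipe.WaitForPipeDrain();
                }
                catch (IOException) { /* client went away or file error; keep serving */ }
                finally { pipe.Disconnect(); }
            }
        }
    }
    static string Handle(string request)   // the client names a key, never a path
    {
        string[] p = request.Split(new[] { ' ' }, 3);
        if (p.Length < 2 || !Key.IsMatch(p[1])) return "ERR bad request";
        string file = Path.Combine(DataDir, "k_" + p[1] + ".dat");
        if (p[0] == "GET") return File.Exists(file) ? "OK " + File.ReadAllText(file) : "ERR not found";
        if (p[0] == "SET" && p.Length == 3) { File.WriteAllText(file, p[2]); return "OK"; }
        return "ERR bad request";
    }
}
```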
 
The problem with using ACLs is that the current user still has access
to the file, thus the need for the app to impersonate a more powerful
user.
-mike
MVP
 