Hello,

i'm still working on my IT degree so please excuse my ignorance.

I'm working in an application that will store encrypted files in a folder. Though the files are encrypted, I would like to prevent anyone from having access to the folder, even seeing what it contains and of course, deleting it. The only way of entering the folder should be being one of the valid users of the application, this is, starting the program and entering a password. When the program is closed, the folder should be locked again.

Is there any way of doing it? I'm working with C#, though any other .net technology would be welcome. I have been reading documentation at msdn, mainly the System.Security.Permissions namespace. Maybe one way could be removing ALL permissions to ALL users permanently, and give permission to the Windows account which has started the application. After closing it, all permissions should be removed again.

Any help, please?

Working with folder permissions won't work for you. Any administrative user can change the folders ownership and permissions. Basically, if you are working with other administrative users, then you cannot accomplish what you desire. However, if they are restricted users, you can change folder permissions.

thanks for the quick answer, i'll have to think of something else. any suggestion? there are many commercial programs that achieve that, i just wonder how they do it...

i'll have to think of something else. any suggestion?
Are you restricted to working with other administrators? If so, then I have never seen anything from XP or below that can accomplish this.

Well, I had thought of allowing all possible situations (one or many administrators) in the beginning. What you say is that any administrator can grant access to the folder to any user, or even delete it. Obviously, that's a bit dangerous :D. If nothing else works, then I will be forced to advise against installing it in a computer with more than one admin.

Is there any way of changing the shell's behaviour (the windows explorer) so you are not allowed to enter the folder? Maybe via the registry or something... I've had a look at the shell's guide at msdn, but it tells mainly about the graphics.

Is there any way of changing the shell's behaviour (the windows explorer) so you are not allowed to enter the folder? Maybe via the registry or something... I've had a look at the shell's guide at msdn, but it tells mainly about the graphics.
You can't just change explorer.exe. So, in short, you cannot do what you are asking so long as administrators exist.