473,394 Members | 1,951 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > resource file security

Join Bytes to post your question to a community of 473,394 software developers and data experts.

Resource file security

I have included a text file as a resource file in my VS 2003 c++
project.
Hexedit of my .exe files showed the resource file as it is i.e as a
straight
text file while the rest of the exe was binary code. I connect to the
database using
ODBC using this script in this exe and could change my sql statement in
hexedit
to cause damage to the DB.
Since this peoject is going to be distributed to customers I have to
provide
some encryption or security for this resource file.
Is there any property for the resource file that could provide minimal
security ?
Any ideas will be appreciated.

Nov 15 '06 #1
2 1463
I have included a text file as a resource file in my VS 2003 c++
project.
Hexedit of my .exe files showed the resource file as it is i.e as a
straight
text file while the rest of the exe was binary code. I connect to the
database using
ODBC using this script in this exe and could change my sql statement in
hexedit
to cause damage to the DB.
Since this peoject is going to be distributed to customers I have to
provide
some encryption or security for this resource file.
Is there any property for the resource file that could provide minimal
security ?
Any ideas will be appreciated.
Hi,
1) the DB account should only be allowed to do the things it has to do. i.e.
things like 'drop table' should be impossible for that user.
2) change your app so that the user has to enter the password in a text box,
you can then encrypt that info into a file, and read it next time.
3) only allow access through stored procedures if possible.
4) encrypt the text file before you add it as a resource, and decrypt it at
runtime. This is still not perfectly safe, since you cannot change the
password after building the app.

--
Kind regards,
Bruno.
br**********************@hotmail.com
Remove only "_nos_pam"

Nov 15 '06 #2
"lavu" wrote:
I have included a text file as a resource file in my VS 2003 c++
project.
Hexedit of my .exe files showed the resource file as it is i.e as a
straight
text file while the rest of the exe was binary code. I connect to the
database using
ODBC using this script in this exe and could change my sql statement in
hexedit
to cause damage to the DB.
Since this peoject is going to be distributed to customers I have to
provide
some encryption or security for this resource file.
Is there any property for the resource file that could provide minimal
security ?
Any ideas will be appreciated.
Some ideas (besides of Brunos's reply)
- Learn the best practices of security; some pointers:
http://msdn.microsoft.com/msdnmag/is.../SecureHabits/
- Binary is not an obstacle at all. Somebody can disassemble
your code and monitor communication between your app and the server.

--PA

Nov 16 '06 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

11
fatal error CVT1100: duplicate resource. type:ICON, name:1, langua
by: Danny Pressley | last post by:
I have a VS.NET 2003 Visual C++ MFC Application Project in which I added a new resource file, I then added an icon to this new resource file and did a rebuild and got the following error: "fatal...
.NET Framework
4
Resource editor for Visual Studio .NET
by: | last post by:
When do they plan on making this essential utility USEFUL? In its current form its pointless. How could they let this out? Its useless.
C# / C Sharp
3
Text file as embedded resource
by: Ron Vecchi | last post by:
I have a text file(.js) that holds a buch of java script code that is rendered in some web controls all part of a larger webcontrol library. The file is rather large. Would embedding this...
C# / C Sharp
3
Adding resource
by: Bern | last post by:
This message is probably out of topic but I get no response from the less popular microsoft.public.dotnet.general newsgroup. Is there a resource manager of some sort in VS C# .NET which you can...
C# / C Sharp
0
HOWTO Make a UserControl deploy an embedded resource.
by: ATS | last post by:
HOWTO Make a UserControl deploy an embedded resource. Please help, I need to embed an EXE into a C# UserControl that is run from script in an HTML web page as such: <html> <object...
C# / C Sharp
1
Can a local resource string be dynamic (asp.net 2.0)
by: Peter Strøiman | last post by:
Hi. I have a web project, that is intended to be installed multiple times as different product with different names. All strings in the web are placed in local resource files. In some of the...
ASP.NET
7
Visual Basic .NET Resource Kit Error
by: Madison | last post by:
I just completed the installation of the Resource Kit but I get the following error on GetStarted.aspx: Server Error in '/VB.NETResourceKit' Application....
Visual Basic .NET
4
Embedded resource namespace
by: Jason Pettys | last post by:
In an ASP.NET project I am setting the content type of my .ascx and ..aspx files to Embedded Resource for a separate reason. When I do this they get embedded as "RootNamespace.Filename" but I...
Visual Basic .NET
0
ASP.NET - Resource Security Methodology
by: OHM | last post by:
I'm just wondering what different approaches people would/have taken to solving the issues Im about to talk about. When you are writing an ASP.NET application for a small group of users or an...
ASP.NET
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!