Preventing substack from being opened
Moderators: FourthWorld, heatherlaine, Klaus, kevinmiller
Preventing substack from being opened
I have a mainstack that has one substack with sensitive information in it. The mainstack can open, but one cannot proceed to the substack without the correct password.
Even though it is encrypted, I would feel more comfortable if there was absolutely no way someone could open the substack through livecode.
I seem to remember something about using "stackfiles" I've been years away from this, sorry.
Even though it is encrypted, I would feel more comfortable if there was absolutely no way someone could open the substack through livecode.
I seem to remember something about using "stackfiles" I've been years away from this, sorry.
-
- VIP Livecode Opensource Backer
- Posts: 9669
- Joined: Wed May 06, 2009 2:28 pm
- Location: New York, NY
Re: Preventing substack from being opened
Anyone know if a separate password protected stack is more secure than a password protected subStack?
Craig
Craig
-
- VIP Livecode Opensource Backer
- Posts: 7237
- Joined: Sat Apr 08, 2006 8:31 pm
- Location: Minneapolis MN
- Contact:
Re: Preventing substack from being opened
I doubt there's a difference. The only unique thing about a substack is that it's inside the same file on disk. But it acts the same either way.
If a user has access to the IDE there's no good way to prevent the stack from being accessed, though they can't view the scripts. However, you could store the binary stack as a custom property and only extract it when you need to. I've done this.
1. During development, save the stack to disk. Then set a custom property to url ("binfile:" & <path to file>). The binary file is now a custom property.
2. When you want to work with the stack, write the custom property to an obscure location and open it from there. I use tempName() to get a unique file name. The temporary file location is fairly obscure and on OS X is not easily accessed by users. Since your scripts are encrypted, users won't even know they should look.
3. When you're done with the stack, save it (to the temp file) and then put the binary file back into the custom property, and delete the temp file.
If you only want to read the stack and not save any changes, you can just open it directly from the custom property without saving to disk first:
Code: Select all
put the cProp of this stack into tSubStack
go stack tSubStack
Jacqueline Landman Gay | jacque at hyperactivesw dot com
HyperActive Software | http://www.hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
-
- Livecode Opensource Backer
- Posts: 9388
- Joined: Fri Feb 19, 2010 10:17 am
- Location: Bulgaria
Re: Preventing substack from being opened
So, store your sensitive information in a script of an object on the substack.no good way to prevent the stack from being accessed, though they can't view the scripts
-
- VIP Livecode Opensource Backer
- Posts: 9842
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: Preventing substack from being opened
If you read the stack file and encrypt it before storing it in a custom prop, you can use password stored in an encrypted script in the mainstack for reasonable security.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: Preventing substack from being opened
Thank you all.