Preventing substack from being opened

oldummy · Post by **oldummy** » Thu Sep 12, 2019 4:22 pm

I have a mainstack that has one substack with sensitive information in it. The mainstack can open, but one cannot proceed to the substack without the correct password.
Even though it is encrypted, I would feel more comfortable if there was absolutely no way someone could open the substack through livecode.
I seem to remember something about using "stackfiles" I've been years away from this, sorry.

bogs · Post by **bogs** » Thu Sep 12, 2019 4:29 pm

oldummy wrote: ↑
Thu Sep 12, 2019 4:22 pm
I would feel more comfortable if there was absolutely no way someone could open the substack through livecode.

I don't think there is any way to make a 100% lock.

dunbarx · Post by **dunbarx** » Thu Sep 12, 2019 4:59 pm

Anyone know if a separate password protected stack is more secure than a password protected subStack?

Craig

jacque · Post by **jacque** » Fri Sep 13, 2019 7:22 pm

dunbarx wrote: ↑
Thu Sep 12, 2019 4:59 pm
Anyone know if a separate password protected stack is more secure than a password protected subStack?

I doubt there's a difference. The only unique thing about a substack is that it's inside the same file on disk. But it acts the same either way.

If a user has access to the IDE there's no good way to prevent the stack from being accessed, though they can't view the scripts. However, you could store the binary stack as a custom property and only extract it when you need to. I've done this.

1. During development, save the stack to disk. Then set a custom property to url ("binfile:" & <path to file>). The binary file is now a custom property.
2. When you want to work with the stack, write the custom property to an obscure location and open it from there. I use tempName() to get a unique file name. The temporary file location is fairly obscure and on OS X is not easily accessed by users. Since your scripts are encrypted, users won't even know they should look.
3. When you're done with the stack, save it (to the temp file) and then put the binary file back into the custom property, and delete the temp file.

If you only want to read the stack and not save any changes, you can just open it directly from the custom property without saving to disk first:

Code: Select all

  put the cProp of this stack into tSubStack
  go stack tSubStack

This is about as good as it gets. Anyone who has tools that can read the contents of memory will see it anyway, you can't prevent that.

richmond62 · Post by **richmond62** » Fri Sep 13, 2019 7:35 pm

no good way to prevent the stack from being accessed, though they can't view the scripts

So, store your sensitive information in a script of an object on the substack.

FourthWorld · Post by **FourthWorld** » Fri Sep 13, 2019 10:54 pm

If you read the stack file and encrypt it before storing it in a custom prop, you can use password stored in an encrypted script in the mainstack for reasonable security.

oldummy · Post by **oldummy** » Sun Sep 15, 2019 4:52 pm

Thank you all.

LiveCode Forums

Preventing substack from being opened

Preventing substack from being opened

Re: Preventing substack from being opened

Re: Preventing substack from being opened

Re: Preventing substack from being opened

Re: Preventing substack from being opened

Re: Preventing substack from being opened

Re: Preventing substack from being opened