Hello, I am having a problem with a program I am writing that is going to write files to a specific folder on a network drive. The problem I am running into is the program is to be used by people / computers that do not have access to write to the drive or folder, but they would have access to run the program. I have full access to the drive and I was wondering if there was a way for me to upload a program that would have full access to the drive, even when run by someone that does not have full access. I hope to be able to do this without giving everyone shared access to the drive and folder.
I would be very appreciative of anyone that has any pointers on this subject and would like to know if this is possible or not.
The thing with computer security, user priviledges etc. is that coding professionals should do their best to live by them. Looking for ways to divert these factors should at least provoke some moral questions. If there are security barriers, is it worth or justified to do the program? At least think if there is an implementation that would grant what you need, without provoking such issues.
What I would do in this situation, put up a server application in the target computer, to which people can upload their files. The server application can (in a reasonable OS) then be configured rights of its own, where actual user access issues are (largely) omitted. For this you have existing solutions, such as Tomcat, FTP based servers would suit you well etc. The amouth of own code for server side is reasonable, then you would need to implement the clientside naturally. For that you have good choices on existing clientside FTP etc.
How well this works is, again, down to the system and network you aim to work with. In the endm this you need to respect, thats your only professional choice. It is highly recommended, that instead of asking for loopholes in the forums, you take your issues to the (possible) network admisnistration of the target system. They will tell you flat out what is absolutely not permissable, and thus what is the sandbox you are allowed to operate in. Only with this information you can build an application that you can have some public professional pride in.
Last edited by Londbrok; September 30th, 2009 at 02:17 AM.
You could try a client-server approach with the server sat on the network drive. You could implement this using sockets or via RMI. You should introduce some level of security so only authorised clients can send files and you may also want to restrict the files types that can be sent and the directories they go to.
Before doing this you should make sure you are not breaking any security rules in your company/institution etc
EDIT: Sorry Londbrok, I hadn't spotted you had already answered this.