How to restrict other programs from reading a certain file on Windows 10?
2
Secret files such as ssh private keys are stored in plain on the disk.
There is only one user account on my computer.
Programs like ssh.exe need to read these files, and I want to view them by text editors like Visual Studio Code, too.
However, some bad applications, which sometimes run as Administrator or even run as SYSTEM, scan disks and read such secret files. (They won't modify.)
Is there any way to allow only a few programs to access a certain folder and read files? (Like a white-list)
Thank you.
windows-10 security privacy acl access-control
asked Jan 23 at 6:24
Kane GreenKane Green
112
|
show 3 more comments
2
Secret files such as ssh private keys are stored in plain on the disk.
There is only one user account on my computer.
Programs like ssh.exe need to read these files, and I want to view them by text editors like Visual Studio Code, too.
However, some bad applications, which sometimes run as Administrator or even run as SYSTEM, scan disks and read such secret files. (They won't modify.)
Is there any way to allow only a few programs to access a certain folder and read files? (Like a white-list)
Thank you.
windows-10 security privacy acl access-control
asked Jan 23 at 6:24
Kane GreenKane Green
112
1
Actually do you really ever need to view the private keys in a text editor? There aren't any good generic answers for miscellaneous files, but if you were asking specifically about restricting private key usage, there are quite a few solutions for that.
– grawity
Jan 23 at 6:31
2
What are these "bad applications" running as an administrator or "root"? It sounds like that system is already compromised, potentially along with everything on it. Why not eliminate that problem first, and automatically nullify this whole question in the process?
– Xen2050
Jan 23 at 6:31
1
@grawity sshkey is just an example. Some configuration files may contain passwords for remote databases, sometimes I need to change some sittings.
– Kane Green
Jan 23 at 6:40
@Xen2050 Some software companies scan hard drives for sensitive files in the name of "anti game cheats" or "protect account security". I don't want to mention the names of those companies here, but they do exist.
– Kane Green
Jan 23 at 6:43
Ah, then it's sort of a cat & mouse game. You can be sure that cheat makers want to protect their files just as you do, and I would expect any popular anti-cheat software to keep catching up with those protection methods.
– grawity
Jan 23 at 6:51
|
show 3 more comments
2
2
2
Secret files such as ssh private keys are stored in plain on the disk.
There is only one user account on my computer.
Programs like ssh.exe need to read these files, and I want to view them by text editors like Visual Studio Code, too.
However, some bad applications, which sometimes run as Administrator or even run as SYSTEM, scan disks and read such secret files. (They won't modify.)
Is there any way to allow only a few programs to access a certain folder and read files? (Like a white-list)
Thank you.
windows-10 security privacy acl access-control
asked Jan 23 at 6:24
Kane GreenKane Green
112
Secret files such as ssh private keys are stored in plain on the disk.
There is only one user account on my computer.
Programs like ssh.exe need to read these files, and I want to view them by text editors like Visual Studio Code, too.
However, some bad applications, which sometimes run as Administrator or even run as SYSTEM, scan disks and read such secret files. (They won't modify.)
Is there any way to allow only a few programs to access a certain folder and read files? (Like a white-list)
Thank you.
windows-10 security privacy acl access-control
windows-10 security privacy acl access-control
asked Jan 23 at 6:24
Kane GreenKane Green
112
asked Jan 23 at 6:24
Kane GreenKane Green
112
asked Jan 23 at 6:24
Kane GreenKane Green
112
asked Jan 23 at 6:24
Kane GreenKane Green
112
asked Jan 23 at 6:24
Kane GreenKane Green
112
112
1
Actually do you really ever need to view the private keys in a text editor? There aren't any good generic answers for miscellaneous files, but if you were asking specifically about restricting private key usage, there are quite a few solutions for that.
– grawity
Jan 23 at 6:31
2
What are these "bad applications" running as an administrator or "root"? It sounds like that system is already compromised, potentially along with everything on it. Why not eliminate that problem first, and automatically nullify this whole question in the process?
– Xen2050
Jan 23 at 6:31
1
@grawity sshkey is just an example. Some configuration files may contain passwords for remote databases, sometimes I need to change some sittings.
– Kane Green
Jan 23 at 6:40
@Xen2050 Some software companies scan hard drives for sensitive files in the name of "anti game cheats" or "protect account security". I don't want to mention the names of those companies here, but they do exist.
– Kane Green
Jan 23 at 6:43
Ah, then it's sort of a cat & mouse game. You can be sure that cheat makers want to protect their files just as you do, and I would expect any popular anti-cheat software to keep catching up with those protection methods.
– grawity
Jan 23 at 6:51
|
show 3 more comments
1
Actually do you really ever need to view the private keys in a text editor? There aren't any good generic answers for miscellaneous files, but if you were asking specifically about restricting private key usage, there are quite a few solutions for that.
– grawity
Jan 23 at 6:31
2
What are these "bad applications" running as an administrator or "root"? It sounds like that system is already compromised, potentially along with everything on it. Why not eliminate that problem first, and automatically nullify this whole question in the process?
– Xen2050
Jan 23 at 6:31
1
@grawity sshkey is just an example. Some configuration files may contain passwords for remote databases, sometimes I need to change some sittings.
– Kane Green
Jan 23 at 6:40
@Xen2050 Some software companies scan hard drives for sensitive files in the name of "anti game cheats" or "protect account security". I don't want to mention the names of those companies here, but they do exist.
– Kane Green
Jan 23 at 6:43
Ah, then it's sort of a cat & mouse game. You can be sure that cheat makers want to protect their files just as you do, and I would expect any popular anti-cheat software to keep catching up with those protection methods.
– grawity
Jan 23 at 6:51
1
1
Actually do you really ever need to view the private keys in a text editor? There aren't any good generic answers for miscellaneous files, but if you were asking specifically about restricting private key usage, there are quite a few solutions for that.
– grawity
Jan 23 at 6:31
Actually do you really ever need to view the private keys in a text editor? There aren't any good generic answers for miscellaneous files, but if you were asking specifically about restricting private key usage, there are quite a few solutions for that.
– grawity
Jan 23 at 6:31
2
2
What are these "bad applications" running as an administrator or "root"? It sounds like that system is already compromised, potentially along with everything on it. Why not eliminate that problem first, and automatically nullify this whole question in the process?
– Xen2050
Jan 23 at 6:31
What are these "bad applications" running as an administrator or "root"? It sounds like that system is already compromised, potentially along with everything on it. Why not eliminate that problem first, and automatically nullify this whole question in the process?
– Xen2050
Jan 23 at 6:31
1
1
@grawity sshkey is just an example. Some configuration files may contain passwords for remote databases, sometimes I need to change some sittings.
– Kane Green
Jan 23 at 6:40
@grawity sshkey is just an example. Some configuration files may contain passwords for remote databases, sometimes I need to change some sittings.
– Kane Green
Jan 23 at 6:40
@Xen2050 Some software companies scan hard drives for sensitive files in the name of "anti game cheats" or "protect account security". I don't want to mention the names of those companies here, but they do exist.
– Kane Green
Jan 23 at 6:43
@Xen2050 Some software companies scan hard drives for sensitive files in the name of "anti game cheats" or "protect account security". I don't want to mention the names of those companies here, but they do exist.
– Kane Green
Jan 23 at 6:43
Ah, then it's sort of a cat & mouse game. You can be sure that cheat makers want to protect their files just as you do, and I would expect any popular anti-cheat software to keep catching up with those protection methods.
– grawity
Jan 23 at 6:51
Ah, then it's sort of a cat & mouse game. You can be sure that cheat makers want to protect their files just as you do, and I would expect any popular anti-cheat software to keep catching up with those protection methods.
– grawity
Jan 23 at 6:51
|
show 3 more comments
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1397301%2fhow-to-restrict-other-programs-from-reading-a-certain-file-on-windows-10%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
draft saved
draft discarded
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1397301%2fhow-to-restrict-other-programs-from-reading-a-certain-file-on-windows-10%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Actually do you really ever need to view the private keys in a text editor? There aren't any good generic answers for miscellaneous files, but if you were asking specifically about restricting private key usage, there are quite a few solutions for that.
– grawity
Jan 23 at 6:31
2
What are these "bad applications" running as an administrator or "root"? It sounds like that system is already compromised, potentially along with everything on it. Why not eliminate that problem first, and automatically nullify this whole question in the process?
– Xen2050
Jan 23 at 6:31
1
@grawity sshkey is just an example. Some configuration files may contain passwords for remote databases, sometimes I need to change some sittings.
– Kane Green
Jan 23 at 6:40
@Xen2050 Some software companies scan hard drives for sensitive files in the name of "anti game cheats" or "protect account security". I don't want to mention the names of those companies here, but they do exist.
– Kane Green
Jan 23 at 6:43
Ah, then it's sort of a cat & mouse game. You can be sure that cheat makers want to protect their files just as you do, and I would expect any popular anti-cheat software to keep catching up with those protection methods.
– grawity
Jan 23 at 6:51