Reputation: 11828
How to update a compiled textual resource file?
I have a textual resource file filled with hashed usernames + passwords and their associated privileges. When they start the application they log in and depending on their credentials they have access to different parts of the application.
This all works well but the problem is is that those with Administrator accounts should be able to add new users to the list from within the program. I've looked around and it seems like you're not meant to edit compiled resource files.
However, I cannot save this user list to the computer because someone can delete it, edit it, or corrupt it. Also, I cannot query an online service because the application is often used in places without an internet connection.
I like using resource files because they're embedded within the executable and new users will not be created very often. Is there any way to edit and recompile the resource file during the runtime of the application? Does anyone know of any other alternatives I can use to provide offline security to this application?
Upvotes: 0
Views: 240
Answers (2)
Reputation: 5638
It is possible to update a string resource in an executable. Microsoft has an Stablupd example that shows how to do it. There are also C# libraries built around the WinAPI resource functions such as ResourceLib. However, I would not recommend trying to change the resources of the executable while it is running. It might not cause any problems but it isn't a good design practice. I think your best bet is to store the information in an encrypted file or encrypted in the registry. You could mark the file as read-only when your program closes and lock it while the program is running. Yes, the user could still delete it, but if you are editing resources in a program, they could also delete or uninstall your program, then you would end up losing all the data that way too. At least storing it in the registry has less of a likelihood of being deleted.
Upvotes: 2
Reputation: 12628
You can use SQL Server Compact, to store and update required information.
But it's definitely bad idea to store passwords locally: - for security reasons. Anybody can easily get access - for scalability. You can't use more that one copy of you Application. Other way two different administrators will create two different accounts, and there is no way to sync two databases
Upvotes: 1
Related Questions
- Embedded resource txt file is not updating
- Modifying existing resource file programmatically
- Update Resource on Build dynamically
- Editing a C# resource file of a compiled assembly
- change embedded resource file during runtime
- How to update embedded resource (file) at design time
- Update a resource file dynamically
- Changing content in Embedded Resources file
- asp.net: edit resource file which is compiled into a dll
- How do you update an embedded assembly resource?