hello, I'm working on a personal project and I was looking for some help. I am writing a program that needs to store user profiles in an external file (.user_data.dat). Problem is that anyone with half a brain can find the file and with any text editor look at the file and see everyone's profile information (login names, passwords, etc.). Since I still need to be able to read/write to this file with my program, I can't just restrict read/write permissions to it since I don't want the user to keep entering their sudo password (btw. I'm using gcc on linux) anytime they save their profile.

I don't know what code to provide since I don't know where to start, but if you need more information I'll happily provide.

I suppose I could always just convert the data inside the file to something like their ASCII equivalent or something that would just make it more annoying to decypher for the spying individual, but I feel as though there is a better way (probably very obvious). I also should mention that I need to maintain formatting inside the file (at least in this version) in order for it to be properly read, but I'm thinking that eventually that'll need to/will change.

Thanks!
~J

Encryption only keeps the casual observers out -- professional hackers will break the encryption algorithm pretty easily. There has never ever been an encryption algorithm that has not been broken by someone, even the algorithms used by military can be broken given enough time and effort and is why they change the algorithms and keys frequently.

ok, I was kindof thinking encryption but wasn't sure which one to use (is there an md5 function available for c++?) . But I wasn't sure if there was any other way besides encryption because like I said in my original post, encryption doesn't really solve the problem, just makes it more annoying to break.

But if you're already on Linux, then why not run the program with the UID of the user, then store your user specific settings in the users' home directory.

You then make it personal by doing something like chmod(0400) on the file to remove all the bits from "group" and "world".

I had forgotten that that is how I had done it for a previous version but had to change it when I added more features, but it seems as though those features have matured enough that I can change it back.

For the sake of completeness however, should that not be possible (placing it in a different directory), is encryption the only other way that you can mask a file's contents?

This article has been dead for over six months. Start a new discussion instead.