I evaluated JxBrowser a short while ago. The following questions came to mind:
Can I use Java URIs to "reroute" all temporary files from the underlaying Chromium engine through a custom FileSystemProvider like encFs4J?
The reason I want to that is to comply with data privacy laws. Since browsers can not be forced by a web application to clear their cache or store any temporary files in a safe manner, I thought I could use JxBrowser for this. If I can handle all files myself, I can do some crypto magic so that (almost) no one has access to the data besides my application.
There is an API to define the directories via BrowserContextParams.
However, only absolute paths are allowed. URIs are not accepted.
Instead of doing
BrowserContext context = new BrowserContext(new BrowserContextParams("C:\\Chromium\\Data"));
Browser browser1 = new Browser(context);
I would like to do something like
BrowserContext context = new BrowserContext(new BrowserContextParams(new URI("enc+file:///C:/Chromium/Data"));
Browser browser1 = new Browser(context);
Does anyone know of a way to tap into the file handling routines of a process like JxBrowser? Can I somehow add this functionality like a wrapper around it?
I considered using something like VeraCrypt for this. But this is no good in terms of usability since you have to install virtual harddrive drivers. This is overkill for a rather simple issue.
Underlying Chromium engine in JxBrowser does not use Java IO API to access files. There is only a path string to the data directory that is passed to Chromium engine and it decides by itself how to handle all IO operations.
There is a mode in Chromium called incognito. In that mode all the files, including cookies, cache, history are stored in memory, nothing is stored on the hard drive, so once you close the application, all the data will be cleared automatically. If this meets your requirements we could investigate how to enable incognito mode in JxBrowser.
I will accepting Artem's answer to the original question. Incognito / private browser sessions - as long as they do not store anything on hard disk - would be a perfect and simple solution.
Furthermore, I want to share my research on this topic. The following answer is not related to JxBrowser but to any 3rd party applications and libraries which do not support URI path or require additional safeguarding of (temporary) files.
Option 1: RamDisk
needed: kernel mode driver for ram disk
privileges: admin once (to install the driver)
usability: might be seemless, if application can handle ram disk by code (not researched)
Installing a RamdDisk which can "catch" the files. If the ram disk only persists while the application is running, it is already automatically cleaned up. (not researched for feasibility)
With an own ram disk implementation one could perform additional steps.
Option 2: Virtual File System, e.g. VeraCrypt
needed: VeraCrypt, kernel mode driver
privileges: admin once (to install the driver)
usability: user has to mount container manually before using the application
Due to usability issues this was not further researched.
Option 3: embedded SMB server with local share
needed: SMB server implementation (e.g. JVLAN for Java), creating a server and share in code
privileges: user (Ports 1445 can be used under Linux etc.)
usability: seemless for the user, but quite a complicated solution for a simple issue
Steps: start a SMB server by code, add a share and user authentication (optional), mount the share to a local drive (windows) or mount point (linux), use an absolute path to access the files on the locally mounted share. If the application crashes, then the volatile / in-memory key for the "real" file encryption of the SMB server is lost and the files are safe from other eyes.
This option also has more potential, like clearing files once they got read, controling the access to third party apps and many more - even freakier - ideas.
Related
I have a web site (intranet) that allows you to download an executable (currently a .Net Console Application) written in ASP.NET and is using https.
However on many machines I can't run it right away after download - I need to right click on it, go to Properties and click Unblock which makes using this app uncomfortable (users will often have to download this executable and run - every time it is a new one as it is code generated)
Is there any way to make this executable automatically unblocked? Modifying client machine is not an option, but I can do anything with the server.
From the beginning I thought this is impossible as it is a security protection, but Chrome somehow does this. If I take a new PC with IE installed, type Chrome into Bing and install it - I don't have to unblock executable.
So far I've tested this only on W10 Chrome and IE, but I am pretty sure older Windows versions have this problem as well.
The mechanism for showing the untrusted executable dialog is based around alternate Datastreams. The metadata gets added by Windows or the browser when you download something from a network source, thus it is not possible for your file/webserver to influence this behaviour. Windows on the other hand has a ruleset which it uses to apply the flags which can be found in the TrustZone-Settings of your Internet Options.
NTFS has a neat little feature which allows for a file to have multiple contents, also known as alternate Datastreams. This is an NTFS-only feature, so you won't find it on other partition types. This basically allows you to store more data in your file which is not perse visible to the user and cannot be easily found out by a standard windows user. Windows uses those alternate datastreams to mark the origin of a file, especially when downloaded from the inter- or intranet. The Alternate Datastream which is used for this data is called the "Zone.Identifier" and holds an ID to the zone which the file was copied from. When you decide to trust a file you basically tell Windows to remove that datastream.
Windows uses the concept of different zones to classify those files. Windows knows four zones in Total: Internet, Intranet, Trusted Sites and restricted Sites. You can alter the settings and rules for those in the Internet-Options dialog in the tab "Trust Zone"
Security Remark: Before changing your settings for the trust zones in the company consider the security risks of this thrice. As it will allow any executable from those verified sources to be executed, potentially laying way to malicous executables which can then be started by already infected PCs or Users themselves.
The correct way to resolve that issue is to sign that executable with a trusted and valid code signing certificate which is better to be with EV (Extended Validation). Windows will check the certificate when you run the file and will allow it to run without further actions as it is signed with a trusted cert.
I have found so far an bundle that uses memcache as translation source but I haven't found anything on how to move the translation cache from disk storage to a service or directly to memcache.
I have also look at the options for the framework but I haven'T found anything useful on it (or I'm to stupid to use google ^^).
I need to move the cache files to memcache for deployment reason.
I'm having multiple Application Servers.
And to store the translation cache etc. on disk is slow and pane full if I deploy software (php Process on the productive app servers need to be restarted). It would make my live easier if that stuff would be stored in memcache as I would simply flush memcache to reset the translation stuff.
did anyone ever try this?
What first comes to the mind is to make a console command that would use one Loader (for example, \Symfony\Component\Translation\Loader\XliffFileLoader) and then another Dumper (something implementing \Symfony\Component\Translation\Dumper\DumperInterface from that bundle, like MemcacheDumper).
In your command your would load translations from one source by loader (in the form of \Symfony\Component\Translation\MessageCatalogue) and then dump them into another.
We have an application written in Mono that needs to communicate with an Finder Sync App extension.
All is working fine until we tried our app on El Capitan instead of on Yosemite.
We use a shared SQLite database to tell what paths are in which state and use NSDistributedNotificationCenter for communication between the two.
The shared SQLite database is outside of the sandboxed env so we have putted an excepention in our entitlements com.apple.security.temporary-exception.files.home-relative-path.read-write
If we remove this exception from the app extension, the extension works (but obviously we can't read our db)
Then we tought of putting the SQLite DB into memory, but shared memory databases isn't possible over multiple processes.
I can't find how I can create a NSFileHandle for a Sqlite Connection.
We could send over all the info to the application extension, but then that has to keep it in memory (preferably in a SQLite, cause we need to do some querying.)
Does anyone has some pointers of what we could do?
Try to look in The Application Group Container Directory it might do in your case. Basically it allows you to have shared folder between apps/extension.
App group container directories. A sandboxed app can specify an entitlement that gives it access to one or more app group container directories, each of which is shared among all apps with that entitlement.
After some research on similar problem I found it's much easier to have simple TCP server in main app that responds to extension with file status. This way you can easily broadcast file status change to all extension instances etc.
I am currently working on a project where i need to store few files and folders in encrypted manner. This project will be platform independent and hence will be written in Java.
Instead of encrypting individual file and folder, we have been thinking of using some virtual file-system where a single container file will hold complete file-system.
Most of the open source virtual encrypted file-system tools we studied work on following principle.
mount the virtual file system (using secure password)
use this filesystem
finally dismount it
But the main problem here we face is that anyone who has access of the PC (e.g. network admin) will be able to see decrypted files when virtual drive is mounted. We want to restrict access to encrypted file system at process level. No one else in same OS session should be able to see the contents, hence no drive mounting, etc.
So we are looking for some open source tool which will provided some some APIs using which we will be able to access files in encrypted container without mounting it.
can anyone point us to any such library?
This thing I'd normally say was pretty cool.
http://www.pismotechnic.com/pfm/
But I've recently accidently copied a sub-repository in a mercurial repository to another folder and when that happened a lot of files got magically messed up. If you don't mind possible issues like that (eg. keeping backups) this could be a solution for you.
I've stumbled upon this question while hunting for an alternative because corrupted files are definitely not on my requirement list.
(y/N)
Edit: Read-only access is fine.
I haven't tried this yet, but I think I've found a workaround.
Adobe AIR cannot write to Windows Registry, but you can, however, launch a native process in AIR 2. Here's a blog post that shows how to do that: http://www.adobe.com/devnet/air/flex/quickstart/articles/interacting_with_native_process.html
Now, on Windows, you are able to modify the Windows registry with .reg files. .reg files are just plain text files that's read by regedit.exe. So in theory, you can write a .reg file to the file system, then launch regedit.exe with the .reg file passed in and...TADA! You just modified Windows registry from your AIR app!
To read value, you can use regedit's export function to write to a reg file and read from the reg file. Details to regedit's options: http://www.robvanderwoude.com/regedit.php
Here are some additional resources:
.reg file syntax: http://support.microsoft.com/kb/310516
write to file with AIR: http://www.adobe.com/devnet/air/flex/articles/exploring_file_capabilities.html
If your willing to force the user to also install another application, you could write a small C# or C++ windows service that simply opens a Socket that provides some kind of protocol for accessing the registry. Then in AIR you can use the Socket class to send messages to/from the C# service that would return results to the AIR app.
When the app loads you can try to connect to the Socket, and if the connection is rejected you could prompt the user to download/install the service.
As for direct access to the registry I am pretty sure Adobe wouldn't allow that from AIR.
If you can I'd be horrified.
Why would you be horrified?
Air is a desktop platform, and having access to the OS's APIs (such as registry access) makes plenty of sense.
That being said, it isn't supported now (and as Adobe seem to be very Mac-centric, I doubt it will ever be added).
I have settled on grabbing the users name from the name of the user directory
Using File.userDirectory.name will work in most cases, but it seems like a very fragile implementation, it relies on the OS maintaining the convention of having the username as their directory. I can think of a few possible things that might break it (playing with TweakUI etc).
Here is a sample of modifying Windows Registry in Adobe Air using NativeProcess and Python. So you can Add, Delete or Read keys by only a single line of code !!
Download: Adobe Air Registry Modifier on Github
Are you trying to determine if the user is an administrator or not?
If so you could grad the username by with "File.userDirectory.name".
And I think to figure out if the user is an administrator you could probably try to access a file that requires administrator privileges (maybe try writing a file to Windows/System32). If the file access fails you could probably assume that the user is under a Limited account.
A bit late, but I got a wish from a client to read some values from the registry when the project was almost finished. If there were more of these types of wishes, I would have never choosen AIR. But I found a nice extension from FluorineFx, and by extending it, I can now read string and dword values from the registry. Windows only: http://aperture.fluorinefx.com/
You could theoretically modify the actual registry files, but I would highly discourage that idea.
Be very careful if you decide to create a socket server that listens for registry commands. You are potentially creating a security hole and users' personal firewalls may get in the way in terms of usability.