5

I have a string of text that I would like to create a .txt file out of. I would not like to allow it to be accessible to the user (for security reasons), so I would like to store the .txt file in memory (if this is even possible).

For example: The string is:

''' Username: Bob Password: Coolness '''

I would like to save this string as a .txt file into memory. Then send it to another program.

anotherprogram.exe mytxt.txt

I looked around, and I am wondering if doing this is possible with StringIO? It says " Read and write strings as files".. I am not sure, Please respond if you know how to do this in anyway.

Improve this question
1
  • 7
    If another program is supposed to be able to access the file by name, the user will be able to do so as well. Can anotherprogram.exe read from standard input? Commented Jul 24, 2012 at 11:35

4 Answers 4

Reset to default
3

If the other program can read from standard input, then subprocess might be the way to go. Here's a stupid example where anotherprogram.exe is cat.

s=''' Username: Bob Password: Coolness ''' from subprocess import Popen,PIPE p = Popen(['cat','-'], stdin=PIPE, stdout=PIPE) stdoutdata, _ = p.communicate(s)

Many utilities that accept input from a file can read from stdin by passing - as the filename, but not all. Whether this works will depend heavily on what anotherprogram.exe actually is.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

If you do not want to make it accessible for others, use encryption and hide the key or maybe use the user control system offered by the operating system. I would prefer the first.

You can create files in memory by using ram disks, but files created in this way do not offer security ( or just a little bit since it is volatile). There is a module for python called pyFilesystem which would do that for you.

But as far as I can think you can reach nearly every file on the disk as a user, therefore, it is difficult to prevent a eager user from finding it effectively.

The file need to be found for anotherprogram.exe has to be in the user scope, therefore, it must be somehow accesible for the user.

Improve this answer

4 Comments

Interesting, Do you know how I can work pyFilesystem with my situation? I cant find many examples on how to use it.
I found a blog entry + screen cast in willmcgugan.com/2010/6/20/pyfilesystem-03-released . Hope that helps.
@user1513192: The memory filesystem might be the solution you initially thought of, but it does not add any security. As I said above, if the other process can access the file by name, the user can do so as well, regardless of the filesystem the file resides on. Do you have control over anotherprogram.exe, i.e. was it written by you? If yes, simply use a different form of inter-process communication. If not, see if it can read from standard input, or what other forms of input the program accepts.
It's not difficult it's impossible to hide something from the administrator of the system.. well you can obviously store encrypted data just fine, you just can't let the key onto the system which means the program can't decrypt the data either. If we want to save some users data from other users of the system, ACLs work fine though and are the way to go - don't reinvent the wheel badly.
0

Why don't you rely on the security offered by your OS (I guess your is Windows) to make the file only accessible to a user but not all users. Obviously anotherprogram.exe will have to be executed as a user who has read access to the file.

Improve this answer

Comments

0

Theres a module called wxpython that has a class called wx.FileSystem

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.