I am working on an application with Spring.Net and Windows forms. I would like to prevent users to change the Spring configuration file, something like setting the configuration file as readonly. I read the Spring.Net documentation and I found nothing, I looked on visual studio's side but I did not find how to set a file as Readonly. The only thing I found is to encrypt the app.config file, it is working but it does not prevent user changes. Do you have any idea?
Really preventing a change will be hard to impossible...
BUT usually it should be enough to be able to recognize whether it has been changed... to achieve this you basically need to implement some variation of the following scheme:
To take the above a step further:
You could embed a copy of the file as an "embedded resource" into your application (EXE/DLL) and replace the file on disk on startup with the content of that resource - this way you make sure that the file is always what your application expects.
DISCLAIMER: the above scheme won't stop a really determined "attacker/hacker...".