Tags: windows, delphi, network-programming, smb, shared-directory

Access to a shared folder for an application, but not the user


I have an application (in a pure Windows environment) that needs to store sensitive data so that other workstations with the same application can access that data. At the moment that's done using a central server with an SMB network share and encrypted files. All (Windows) users that use our application have to have read/write access to one central shared folder, and this way data is stored and exchanged.

This configuration has one big drawback: Not only the application but also all users of our application have full access to that shared folder.

OK, they can't read the sensitive data, as it is encrypted, but - given some criminal energy or stupidity - they can simply open Windows Explorer, navigate to that shared folder and delete files there.

I tried but didn't manage to open the SMB share only for my application - as soon as my application authenticates there, the current Windows user also has access.

(I tried using WNetAddConnection2, but as soon as the authentication happened, the connection was also open for all other programs. And if I don't map the SMB folder to a drive letter, I can't even disconnect the drive again.)

Are there possibilities to authenticate only a process or a thread and not the current user for access to a network share?

Or are there performant alternatives to SMB shares? One data record is something between 100 and 900 MB in size. Therefore I need support for random access reading/writing to the files.

Using SFTP and pumping the entire data to the workstation when opening and sending everything back when closing is not an option. That would stress the network, and if the application crashes, all changes are lost, whereas when using "normal" access only the data in the network cache is lost.

Any recommendations?


Solution

  • Are there possibilities to authenticate only a process or a thread and not the current user for access to a network share?

    No. Windows' security model is based on users, not applications. To apply rights on a per-process basis, you would have to run the application as a given user. To apply rights on a per-thread basis, you would have to impersonate a given user before doing the work, and then revert the impersonation when finished.
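The per-thread variant the answer describes (impersonate before the work, revert afterwards), shown as an added Delphi example rather than code from the question or the answer. It also addresses the WNetAddConnection2 problem from the question: SMB connections are tracked per logon session, and WNetAddConnection2 called from the user's own session reuses that session, which is why Explorer could see the share. Here the token comes from LogonUser with LOGON32_LOGON_NEW_CREDENTIALS (local identity kept, the given credentials used only for outbound network authentication), which creates a separate logon session, so the redirector's connection for the service account is not shared with the user's interactive session. The domain, account name, password and share path are placeholders; a Unicode Delphi (2009 or later) is assumed for TProc and PWideChar, and LogonUserW is declared explicitly so the block does not depend on the Windows unit of a particular Delphi version.

```delphi
program ImpersonatedShareAccess;
{$APPTYPE CONSOLE}

uses
  SysUtils, Windows, Classes;

const
  // Placeholder service account and share path; replace with real values.
  SVC_DOMAIN   = 'CORP';
  SVC_USER     = 'appdata-svc';
  SVC_PASSWORD = 'replace-me';   // fetch from a credential store (e.g. DPAPI) in real code, not a literal
  SHARE_FILE   = '\\fileserver\appdata\record-0001.dat';

  // Logon type/provider values from winbase.h; not every Delphi version declares them.
  LOGON32_LOGON_NEW_CREDENTIALS = 9;
  LOGON32_PROVIDER_WINNT50      = 3;

// Declared here so the example compiles on Delphi versions whose Windows unit lacks LogonUser.
function LogonUserW(lpszUsername, lpszDomain, lpszPassword: PWideChar;
  dwLogonType, dwLogonProvider: DWORD; var phToken: THandle): BOOL; stdcall;
  external 'advapi32.dll' name 'LogonUserW';

{ Runs Work while the calling thread carries the service account's token.
  Only this thread is affected: other threads of the process, and every other
  process of the logged-on user, keep their own identity. }
procedure RunAsShareUser(const Work: TProc);
var
  Token: THandle;
begin
  if not LogonUserW(PWideChar(SVC_USER), PWideChar(SVC_DOMAIN), PWideChar(SVC_PASSWORD),
                    LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, Token) then
    RaiseLastOSError;
  try
    if not ImpersonateLoggedOnUser(Token) then
      RaiseLastOSError;
    try
      Work;
    finally
      // Always drop the impersonation, even if Work raised; otherwise the thread
      // would keep the service account's network identity for its later work.
      if not RevertToSelf then
        RaiseLastOSError;
    end;
  finally
    CloseHandle(Token);
  end;
end;

// Random-access write of one block into a record file on the share,
// using a plain UNC path: no drive letter is mapped, so nothing is left
// behind for the user to browse once the impersonation ends.
procedure WriteBlock(const FileName: string; Offset: Int64; const Data: TBytes);
var
  F: TFileStream;
begin
  F := TFileStream.Create(FileName, fmOpenReadWrite or fmShareDenyNone);
  try
    F.Seek(Offset, soBeginning);
    if Length(Data) > 0 then
      F.WriteBuffer(Data[0], Length(Data));
  finally
    F.Free;
  end;
end;

begin
  try
    RunAsShareUser(
      procedure
      begin
        WriteBlock(SHARE_FILE, 4096, TEncoding.UTF8.GetBytes('payload'));
      end);
    Writeln('block written while impersonating ', SVC_DOMAIN, '\', SVC_USER);
  except
    on E: Exception do
      Writeln('failed: ', E.Message);
  end;
end.
```

For this to achieve what the question asks, the share and NTFS ACLs on the server must grant the service account only, and not the interactive users. Two caveats belong with it: the service account's password has to be available to the application on the workstation, so a user who can debug or inspect the process can recover it and then use the share directly; this raises the bar against casual deletion but is not a security boundary against a determined local user. And the impersonated token lives only on the thread that called ImpersonateLoggedOnUser, so every thread that touches the share (including worker threads created inside Work, which start with the process identity) has to go through the same impersonate/revert wrapper.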