Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

This topic is 8363 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Posted

Hi,

Am working on a solution with FileMaker Server 5.5 on OS X 10.1 where we need to protect our databases so that they can not be copied and used.

Since there is no plugin which works on the FileMaker Server, we wrote a C application that checks the ethernet ID on startup of the FMServer deamon and decrypts the files. Conversely, it's also supposed to encrypt the files when FMServer quits.

Problem is, the shutdown access works VERY erratically. Sometimes its fine, and sometimes it doesn't encrypt the files on shutting down.

Does anyone know how we can

a) Execute script POST the FM Server shut down

: Is there a signal to terminate FMServer immideately

c) Can we execute a command or edit the FMServer daemon or the

shut down procedure architecture so that we can sequence the

event instead of having to use a wait sequence

Desperately yours, Partha

Posted

Well, this is a very interesting question. One of the most interesting FMP issues I have seen in a long time. Several points:

1. There are server based plug-ins, but not for what you're describing.

2. How might a prospective theft steal copies? Is the server CPU physically secure? Are you logged out? Does log-in require a password? Is file-sharing turned OFF, thus preventing networked access to the specific CPU? I believe you might assess these issues to enhance the physical security of the files themselves.

All the foregoing said, this is interesting. After the lads come back this week, I will make some further inquiries here.

Old Advance Man

Posted

Hi,

The server is at a remote location, so nothing stops anyone from replicating the hard disk.

Users will have a login to run updates, but can not see the files.

However, saw & tried some horrifying hacks that gives full access to SU even without any passwords, so need to encrypt our files.

Would appreciate any input.

TIA, Partha

Posted

The fact the server is in a "remote" location has little bearing on whether or not it is physically secured. Is it in a locked enclosure, for example?

When you say that people were able to gain access to the files themselves, this causes me to believe that file sharing has been enabled on the server. if that is the case, it should be disabled.

Old Advance Man

Posted

Sorry. Shud have phrased my reply better. The server will be in a 'locked' server room, but is accessible to all and sundry, especially the members of the EDP department of where we are putting it up for testing. In short, Yes - it is physically accessible.

File Sharing is not on, but we are giving access to certain media files through the HTTP protocol (Apache). File Sharing, Samba, FTP, etc are turned off and we have filtered the IP ports.

However, from what I heard the EDP guys say, I expect them to attach a hard drive to it and copy all the files. mad.gif" border="0

Hope this clarifies what you were asking.

TIA, Partha

Posted

It sounds to me like your C appliction is trying to encrypt the FMS files before they are completely closed and the application would get a sharing violation.

When you "stop" FileMaker Server, before the service is shut down, it must first close and save all of the hosted files. If a user just previously added serveral new records, or performed some complcated finds and sorts, the results may still be in the cache. Before each hosted file can be closed, it must first check to see that all connected users are disconnected correctly, all cached data is flushed to the disk and then the file is closed. When all of the files are closed in this fashion, FMS is then stopped. This can take a few seconds to as much as an hour - yes, I have seen some large files (especially with container fields) take an hour to close.

You need to have your C application wait an appropriate amount of time before running to ensure FMS has finished - perhaps as much as 2 hours? That may not be the best scenario, but I do know that a FMS hosted file cannot be copied, moved, opened, deleted, or even encrypted while FMS is closing down that file.

Forcing a FMS shutdown prematurely or "pulling the plug" WILL result in corrupted files and loss of valuable data - if you need to encrypt the data, it must be valuable to someone.

________________________

[ December 31, 2001: Message edited by: dykstrl ]

Posted

Hi,

Am using the force close command on FMPro to ensure it doesn't wait for 2 minutes. Timed that to 5 seconds for a close, and my C code waits 10 seconds. Unfortunately, there is no post-close event that I can catch (or I haven't found one).

The interesting part of FMServer on OS X is that you CAN copy the files whe they are served up by FMServer - though it recovers all the files.

Re : using it with Apache. In the final stages, there will be a sperate FMServer Mac & a seperate media server running with apache. Currently, can't afford to put up 2 test machines.

My problem is in the fact tat I can't find a way of ensuring that the FM databases can be run ONLY on the server designated by me. The reason I wish to do this is that users should be able to backup their FMPro data but use it only on the server designated by me.

Any suggestions ?

TIA. Partha

This topic is 8363 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.