Millisecond Forums » Millisecond Forums » Inquisit 4 » Securing Inquisit in a networked environment

Securing Inquisit in a networked environment

lakeside — Tue, 16 Sep 2014 18:06:21 GMT

We are testing Inquisit within a closed network where identical client machines read tasks from and write data to a networked server. Right now we are trying to ensure a respondent will not have access to data files on the network but will still be able to write to the network. How have others handled this scenario?

We've restricted directory permissions to Write Only but, when a task is started, Inquisit writes a blank file. At the end of the session, Inquisit then needs to open the file again to write data. Under Write Only, Inquisit cannot add data to the file - I assume because it needs Read access as well.

RE: Securing Inquisit in a networked environment

seandr — Tue, 16 Sep 2014 18:06:21 GMT

The important piece to Dave's solution is the /separatefiles=true command. This causes Inquisit to write new files for all participants (which can be merged using the Inquisit Merge Data Files command on the File menu). Otherwise, Inquisit must first read the file before appending data to it.

Note - Inquisit will try to run a validation check on the saved data to make sure matches the original, and that's going to fail without read access, so you might end up seeing some error messages, although you can ignore them.

-Sean

RE: Securing Inquisit in a networked environment

Dave — Tue, 16 Sep 2014 14:34:32 GMT

Simply denying the respective user the 'read' permission for the respective folder should work just fine.

Suppose you have a folder called 'data' that you write to and a user called 'inquisit_user' whose account you execute Inquisit under. Then setting

and doing e.g.

<data>
...
/ separatefiles = true
/ file = "[INSERTPATH]\data\raw.iqdat"
</data>

should write files just fine while making it impossible for the user to view the written data.