Millisecond Forums

Securing Inquisit in a networked environment


Securing Inquisit in a networked environment
View
Options
Author
Message
lakeside
lakeside
lakeside
posted 10 Years Ago
Guru (7.3K reputation)Guru (7.3K reputation)Guru (7.3K reputation)Guru (7.3K reputation)Guru (7.3K reputation)Guru (7.3K reputation)Guru (7.3K reputation)Guru (7.3K reputation)Guru (7.3K reputation)
Group: Forum Members
Posts: 34, Visits: 121
We are testing Inquisit within a closed network where identical client machines read tasks from and write data to a networked server. Right now we are trying to ensure a respondent will not have access to data files on the network but will still be able to write to the network. How have others handled this scenario?

We've restricted directory permissions to Write Only but, when a task is started, Inquisit writes a blank file. At the end of the session, Inquisit then needs to open the file again to write data. Under Write Only, Inquisit cannot add data to the file - I assume because it needs Read access as well.
Reply Like 102
Dave
Dave
Dave
posted 10 Years Ago ANSWER
Supreme Being (1M reputation)Supreme Being (1M reputation)Supreme Being (1M reputation)Supreme Being (1M reputation)Supreme Being (1M reputation)Supreme Being (1M reputation)Supreme Being (1M reputation)Supreme Being (1M reputation)Supreme Being (1M reputation)
Group: Administrators
Posts: 13K, Visits: 104K
Simply denying the respective user the 'read' permission for the respective folder should work just fine.

Suppose you have a folder called 'data' that you write to and a user called 'inquisit_user' whose account you execute Inquisit under. Then setting
https://www.millisecond.com/forums/uploads/images/ca8fbd3c-8489-4484-8de4-f3a4.png

and doing e.g.

<data>
...
/ separatefiles = true
/ file = "[INSERTPATH]\data\raw.iqdat"
</data>

should write files just fine while making it impossible for the user to view the written data.

Edited 10 Years Ago by Dave
Reply Like 108
seandr
seandr
seandr
posted 10 Years Ago ANSWER
Supreme Being (144K reputation)Supreme Being (144K reputation)Supreme Being (144K reputation)Supreme Being (144K reputation)Supreme Being (144K reputation)Supreme Being (144K reputation)Supreme Being (144K reputation)Supreme Being (144K reputation)Supreme Being (144K reputation)
Group: Administrators
Posts: 1.3K, Visits: 5.6K
The important piece to Dave's solution is the /separatefiles=true command. This causes Inquisit to write new files for all participants (which can be merged using the Inquisit Merge Data Files command on the File menu). Otherwise, Inquisit must first read the file before appending data to it.

Note - Inquisit will try to run a validation check on the saved data to make sure matches the original, and that's going to fail without read access, so you might end up seeing some error messages, although you can ignore them.

-Sean
Reply Like 108
GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...



Submit

Post Quoted Reply
Reading This Topic

Powered by InstantForum 2017-1 Final © 2024
Execution: 0.000. 3 queries. Compression Enabled.
Explore
Messages
Mentions
Search