Open an in-memory file with the default system application

[berzasnon]

That's not exactly what I meant. If you're on Windows, you can use WinAPI to ask for the default app registered to handle a particular file type and if it is in a list of solutions known to work, then call it.

Still would be a no generic and no guaranteed solution, because nothing assures that the default application will be able to read the data buffer. In that case would be impossible to open the file stored in the BLOB and would have to create a temporary file anyway.

The combination of trying to get the default app to open the in-memory file + creating a temporary file as a fallback method would be the safest, but honestly I can't see the difference between creating a temporary file now and then and creating it every time: creating the file only when strictly needed is safer than creating it every time, but both are unsafe anyway.

A possible solution would be to use an encrypted ramdisk filesystem to store those temporary files.

I'm confused; the default system app ought to have read access to that encrypted ramdisk filesystem, and (correct me if I'm wrong) that would only be possible if the whole system has access to such ramdisk. I mean, the app (and the OS) would see the ramdisk as any other filesystem present in the computer, encrypted or not. As I said to Rhayader, the temporary files wouldn't survive a reboot, but besides that I can't see the benefit in using a ramdisk.

Maybe I'm not getting the point. If so, please tell me.

[wysota]

Still would be a no generic and no guaranteed solution, because nothing assures that the default application will be able to read the data buffer.

Going this way, there is never a generic and guaranteed solution because there might be no default application for a particular file type installed at all and creating a temporary file wouldn't have helped either.

I'm confused; the default system app ought to have read access to that encrypted ramdisk filesystem, and (correct me if I'm wrong) that would only be possible if the whole system has access to such ramdisk.

No, not really. It should be possible to execute the program with special privileges that allow it access to a particular directory, disallowing anyone else.

besides that I can't see the benefit in using a ramdisk.

The 'ramdisk' part is not important here. The 'encrypted' is.

If you're expecting to thwack a magic wand and have a ready solution then that's probably not going to happen. I'm sure your requirement can be fulfilled but you need to get your hands dirty in the low-level system behaviour. You would be much better asking your question on some geek Windows forum than here.

[berzasnon]

No, not really. It should be possible to execute the program with special privileges that allow it access to a particular directory, disallowing anyone else.

The 'ramdisk' part is not important here. The 'encrypted' is.

If you're expecting to thwack a magic wand and have a ready solution then that's probably not going to happen. I'm sure your requirement can be fulfilled but you need to get your hands dirty in the low-level system behaviour. You would be much better asking your question on some geek Windows forum than here.

Don't get me wrong, I'm not expecting a magic wand solution, I'm just concerned about the effort/benefit ratio. I can get my hands dirty and finally have to create a temporary file anyway in some situations, so I think it's not worth the effort. Since the use of temporary files is not strictly forbidden, I think in this case is justified to use them.

Funny thing: I have been testing, and if I create a .pdf temporary file and open it with the default application (Sumatra PDF, can't tell if the result would be the same with Adobe Reader), I can delete the file inmediately after being opened (a really temporary file, a few seconds of life span) and Sumatra PDF will keep showing the file and won't complain. Obviously it doesn't lock the files it opens. That makes sense, since it opens the file for read-only access.

Maybe getting every application to open the temporary file as read-only...

[wysota]

Funny thing: I have been testing, and if I create a .pdf temporary file and open it with the default application (Sumatra PDF, can't tell if the result would be the same with Adobe Reader), I can delete the file inmediately after being opened (a really temporary file, a few seconds of life span) and Sumatra PDF will keep showing the file and won't complain. Obviously it doesn't lock the files it opens. That makes sense, since it opens the file for read-only access.

Firstly, on Windows, most apps usually open files in exclusive mode so you won't be able to delete the file. Secondly, deleting the file does not delete it from disk, it can still be accessed using freely available tools. Thirdly, even if there is no file, if an app keeps the data in memory, a clever attacker can access it directly from the process memory. If you don't have a secure application that prevents all these (and regular apps don't) your system will not be safe.