Helping people with computers... one answer at a time.
It's possible to make it very difficult to delete a file, but someone with motivation and physical access to your machine might still cause trouble.
Can I prevent a file from being deleted? I have a file that is encrypted so that only I can read it. Now the problem is that although no one can read it, they can still delete it. I want to prevent that file from being deleted.
•
The short answer is no. You can't prevent it.
The longer answer is you can make it more difficult, but if someone is determined to delete the file, they probably still can.
•
I'm going to assume that this file is on a machine where other people have access to the machine itself. If your file is on a network or on a server, anywhere where people do not have physical access to the machine, then the answer's different. You can prevent the file from being deleted simply by putting it somewhere that people have read-only access, or marking the file itself read-only to everyone but you. Exactly how you do this depends on what kind of an internet server or network file server you're running, but it's typically not that hard. Your network or system admin can help on that, or the steps outlined below may apply.
However, when it comes to a PC that other people might have access to, all bets are off.
Let's look at how we can make it difficult, and then I'll describe how all that can be bypassed.
First, the drive on which you've placed the file must be formatted NTFS for the additional security options we're about to play with.
Open up Windows Explorer, click on Tools, Folder Options click on the View tab and scroll to the bottom of the Advanced Settings list. You should see something like this:
Make sure that Use simple file sharing is not checked, and OK your way back out.
Now, locate and right click on the file you want to protect and click on Properties. You'll see a Security tab; click on that and you should get something like this:
Now, for each Group or user name in the top list except Administrator (or perhaps except your own login account if you are not an administrator), make sure that the Deny column in the Permissions for... list is checked. For Administrator the column Allow should be completely checked.
Press OK.
What this has done is restricted access to the file to only those with administrative privileges. Anyone else logged into Windows with a different account will be unable to read, write or delete the file.
Seems like exactly what you were looking for, right?
Here's the downfall:
If it's not physically secure, it's not secure.
If someone can reboot your machine and boot from a floppy, CD-ROM or USB drive, then they can boot into any of a number of password and file recovery programs that can completely bypass the security you've just set up.
In fact, here's an article on how they can become the administrator: I've lost the password to my Windows Administrator account, how do I get it back?
At that point, they could reformat the drive, and erase everything including your file.
Even if you remove all the boot options, if they're really motivated, they can steal the machine or drive, and install it into some other system where they can then proceed to get full access. I'm guessing stealing the drive also qualifies as deleting the file.
The bottom line is that depending on your situation, "making it difficult" might well be enough. But be aware that it's not bullet proof. Encrypting your data is a great thing to do, but make sure you have a backup - perhaps of the encrypted container - since it's quite possible a motivated someone could come along and delete it no matter what you do.
Article C3452 - July 21, 2008 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
April 8, 2010 7:59 PM
I want to make the Executable .exe file undeletable from virus guards. As some times they detect them as virus. I have tried like manipulating some settings in the virus guards to allow them but how ever sometimes it fails. Hence could you suggest me any software (Portable) that will protect the .exe files being getting deleted.
Thank you in advance
09-Apr-2010
April 5, 2011 9:04 AM
THERE'S ONE THING I LIKE TO ASK TO YOU HOW CAN MY FAVORITE GAME IN MY COMPUTER(STILL I HOLD THE GUEST)TO BE IMMUNE TO DELETE BECAUSE MY MOTHER WANT TO DELETE IT FROM THE GUEST DOCUMENTS? MY MOTHER HOLDS THE ADMIN PLEASE HELP ME.
06-Apr-2011
July 22, 2011 1:52 PM
We need to prevent deletion of files from a USB drive but allow them to be printed or copied off the drive. Also, the user may plug the drive into a Mac or a PC. Easy way to accomplish this?
January 20, 2012 3:52 AM
Why do many of you leave up sites that are obsolete?
I have Vista which is now old and there is no "Use simple file sharing" option to untick.
I am sure Windows 7 doesn't have it either.
XP is now ancient!
21-Jan-2012
September 17, 2012 7:12 AM
Every time I highlight a file to open it, a window comes up wanting me to delete this file. I can't hardly get this window to go away. I have had to delete the file, then restore it from recycle bin. I am frustrated. I need help.