Chay and Per, thanks for the ideas.

I can't use a network sub-folder but running a service as a specific user
would at least let me use DPAPI to securely store data.

Even if I have to have the service pass that data to my app it would still
be better than hard coding it in the assembly.

I'm not up on inter-application communication options in Windows.  Does
anyone know off-hand if there is a messaging mechanism that would tell me
the path (to the exe) of the caller?  If so then I could verify the hash of
the calling application against a known value.

At that point the only hole would be the admin's ability to change the
service account's password and run some other app to access the data via
DPAPI.  Still a risk, but definitely an improvement.

Thanks,
-Mont

===================================
This list is hosted by DevelopMentor®  http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com