Actually WinSCP allows disabling remote file editing:
https://winscp.net/eng/docs/administration

But anyway, as Pathduck noted, this won't really prevent your users to mess with the files.

pantera1989 wrote:

Is there no way to disallow the editor then?

I'm afraid the answer is no...

Let's suggest a scenario: A malicious user (I don't say you have any, just hypothetically :wink: ) want to edit files but you do not allow it in Winscp. So he downloads Putty, or some other ssh/sftp client, and uses that to log in, and then edit the files with vi, or any other editor. They could even use the built-in simple terminal in Winscp to do a substitution of what they want to change in the file, or create a custom command to do the same thing.

So basically, you can take care of permissions on your local site - but if the guys 'on the other side' won't cooperate and set read-only for the files there, there is no way to stop anyone editing them using any sort of workaround.

Even if you disable the editor, a user might be able to download to another location (local disk C: is available?) and edit it there.

If you want total control, take the user completely out of the equation and make a script to do the same thing, using for instance psftp or scripting in Winscp. That would be the best solution I think.


-P

martin wrote:

Pathduck wrote:

I think things such as these are best solved with correct access rights on the file system - read only for all files for instance, not a solution like this, which probably any user with a little computer knowledge can easily circumvent anyway.

Exactly. Thanks for answering.

I cannot limit this with read only rights as I don't control the other end where the files are obtained from. And locally they would need write rights to actually put the files there. The files are removed everyday, where new files are obtained the next day.

The scenario is this:

They retrieve files from a remote SFTP server and copy them to a local location. These files can be seen but not modified. They will be opened by a program to be processed. I have managed to disallow them editing the files while they are locally but I have no way to stop them from editing the files from the remote SFTP server because they can be edited with WinSCP itself.

Is there no way to disallow the editor then?

Pathduck wrote:

I think things such as these are best solved with correct access rights on the file system - read only for all files for instance, not a solution like this, which probably any user with a little computer knowledge can easily circumvent anyway.

Exactly. Thanks for answering.

Hi,
I don't think there is a way to completely disable the internal editor - if you remove all editors, the internal and Notepad will always be back.

I think things such as these are best solved with correct access rights on the file system - read only for all files for instance, not a solution like this, which probably any user with a little computer knowledge can easily circumvent anyway.

-P

Hi,

Is there a way to remove/disable the internal editor completely? We need our users not to be able to modify files; only retrieve them.

I know it can be removed in Options, but it can easily be re-added. I was wondering if there is a way to permanently remove this feature.

Or maybe is there a way to password protect the Preferences?

Thanks,
Robert