Password Protect Folders

this bit of code will not provide the ultimate protection for folders but the average user probably would not realize that you just have to disable folder actions to get by this:P but little kids and clueless moms have the potential to delete important stuff on your computer so use this for folders you want to protect. Oh and i suggest after making this script put it in a folder and password protect it:P

on opening folder This_Folder
		tell application "Finder"
			set dialogresult to display dialog "Restricted Folder. Please enter the password to access folder:" buttons {"Ok", "Close"} default button 1 default answer "" with hidden answer
			copy the result as list to {PWText, button_choice}
			set button_choice to the button returned of dialogresult
			if button_choice is equal to "Ok" then
				set PWText to the text returned of dialogresult
				if not PWText = "your password" then
					display dialog "Access Denied" buttons {"Ok"} default button 1
					display dialog "Access Granted" buttons {"Ok"} default button 1
					exit repeat
				end if
			else if button_choice is equal to "Close" then
				tell application "Finder"
					close folder This_Folder
					exit repeat
				end tell
			end if
		end tell
	end repeat
end opening folder

where it says “your password” thats where you set your password:D

EDIT: and in case yu don’t know how to attatch this to a folder just right click a folder and click attach a folder action and then find your script! pretty easy!

Ah, yet another “password for folder” script.

If you need to protect a folder, just use an encrypted disk image for the contents of the folder instead. Or don’t leave your account logged in when you’re not there.

It took me all of 2 seconds to get into the folder without turning folder actions off.

This script does not prevent access to the folder if it is viewed in a list view from within its container window and the little triangle thingy is click to open it.

like i said, not ultimate protection, just light for people who wouldn’t think beyond the script…who don’t reazlie there are ways. usually little kids and clueless others.

But only if you have the containing Directory in icon view.

You could try two scripts, one that forces the container to icon view.

It doesn’t prevent me from searching a directory path.

It doesn’t prevent me from opening items inside the directory path from applications other than the Finder.

It doesn’t prevent me from removing the folder action script entirely by disabling it or deleting it.

Seriously, stop trying to plug up a sand dune here. If it’s important and sensitive, put it on an encrypted disk image. Double-click the image, enter your password, bam. Breaking AES-128 encryption is not remotely trivial unless you happen to have access to, I dunno, the Earth Simulator. And even then, you’re probably going to be sitting around for a couple of million years in an attempt to break it. (Side channel attacks notwithstanding, of course. Eventually, some brilliant mind will devise an attack algorithm that will be feasible on commodity hardware, but it’ll probably take a while before “current hardware” becomes this commodity hardware. ;-))

Here’s an analogy I like to use:

Imagine a grain of sand. That’s one possible key hash. Now imagine a beach. Now pull back farther and picture all the beaches on the planet. That’s how strong AES-128 is.

Can’t wait 'til we have another one of these threads next month . . .

oh my…
on another note how to you make encypted disk image? if there is a program is it free?

Disk Utility comes with OS X. (Or hdiutil if you want to use the command line.)

or an applescript :wink:

	set create_dlg to display dialog "Enter the name of the sparse image:" default answer "" buttons {"Cancel", "Not Encrypted", "Encrypted"} default button 3
	set encr_schm to the button returned of create_dlg
	set img_name to the text returned of create_dlg as string
	set img_size to the text returned of (display dialog "Size:" default answer "4g")
	set img_loc to POSIX path of (choose folder)
	if encr_schm is "Encrypted" then
		do shell script "cd \"" & img_loc & "\"; hdiutil create " & img_name & " -size " & img_size & " -encryption -type SPARSE -fs HFS+ -volname " & img_name & "; open " & img_name & ".sparseimage"
	else if encr_schm is "Not Encrypted" then
		do shell script "cd " & img_loc & "; hdiutil create " & img_name & " -size " & img_size & " -type SPARSE -fs HFS+ -volname " & img_name & "; open " & img_name & ".sparseimage"
	end if
	tell application "Finder"
		--display dialog "A sparse image " & img_name & " has been created inside " & img_loc buttons {"kay"} default button 1
	end tell
on error the error_message number the error_number
	if the error_number is not -128 then
		set the error_text to "Error: " & the error_number & ". " & the error_message
		display dialog the error_text buttons {"Cancel"} default button 1
		error number -128
	end if
end try

Why cd? You could simply feed hdiutil complete paths, ya know. :wink:

Also, remember to use /full/path/names in your scripts when using the shell. You cannot predict the users’ environments. (And $PATH exploits suck.)

Thanks for the example, cannedbrain.

Mikey-San, forgive my ignorance, but could you explain this in more detail if you have the time?



capitalj; An example.


instead of just hdiutil.

Thanks for the response. I’ve seen examples of this

but I don’t fully understand. Is that a path to a hidden file? I think my problem with shell and Terminal is my inability thus far to visualize how it works. I could use TinkerTool to show hidden files - maybe that would help me make the leap.

Thanks again,







Make sense?

The /usr folder is hidden.

Do you understand that when you just tell the shell the “hdiutil” that the shell has to find the actual hdiutil file? Do you know what places get checked when it does this? (Assuming it’s not a builtin command or an alias [which shouldn’t be confused with an other type of alias].)


I thought they were all stored in one place - I guess I’ve used only built in commands. Now I know better.

I recall seeing usr/sbin someplace as well as usr/bin, so I would guess those places unless a path is specified.

I’ve got a lot of googling and reading ahead of me, but your answers have helped me past the first step that kept tripping me up. Thank you both for your patience