[HECnet] Public "dropbox" type directory?
Jerome H. Fine
jhfinedp3k at compsys.to
Tue Oct 8 04:31:07 PDT 2013
>Sampsa Laine wrote:
What would be the correct security settings for a directory that:
- Allows anyone to add a file
- Anyone can read any file
- Nobody can delete, edit or replace existing files.
Thinking of setting this up on CHIMPY for people to store nifty stuff they find.
Just a suggestion. Why not have TWO directories?
(a) WRITE ONLY - anyone can send files to it - normally named: INCOMING
(b) READ ONLY - anyone can read any file
Just in case, you can (probably should) monitor
what is added to (a), then copy it over to (b)
ONLY after it is checked. Having (a) which
only you can look at (you might allow the contents
to be displayed, but I would not recommend it)
provides much better security. I also suggest that
for any file larger that 10 MB, an MD5 checksum
also be sent so you can verify the large file was
sent correctly.
Jerome Fine
More information about the Hecnet-list
mailing list