Ed Pigg wrote:

On Nov 19, 2004, at 12:10 PM, Chasecreek Systemhouse wrote:

On Fri, 19 Nov 2004 11:50:41 -0600, Ed Pigg <[EMAIL PROTECTED]> wrote:

I'm trying to set up a system where users can upload images to a
designated uploads dir. Once the file is successfully uploaded I want


Keep account creation and uploads separate functions.


In this case the user will not have a separate site or account. Appropriate authenticated users will be able to upload images.


Do I need to make the webuser part of a group that will have write
access to the dirs? What are the best practices for this type of
thing?


Yes; here is something to get you started -- change server/directory
references as appropriate:


Thank you for the example.

I am able to upload the image file already. That part I have figured out. What I'm more concerned about is setting appropriate permissions on the upload dir, so that the web application can write to it but not so much that I'm needlessly exposing the directory to the outside world. I want to open the door just enough to get the job done by the web application and no more. Is that clear? It's not strictly a Perl question unless I need to get the application to change.

I want to make sure that I am taking the site security seriously and don't expose it to threats needlessly.

Thanks

Ed

Typically on a Unixish system with no extra services running that will enable any type of normal access, you can set permissions however you want and, aside from write errors (when you've disallowed yourself from writing) and 5xx errors, you will be fine. Users are only permitted as much access as the server allows (so don't use IIS or you are potentially giving full system access to anyone willing to take it). If you are concerned, you can set limits with Apache (if you have access).
<LimitExcept POST GET>
    # or: Require valid-user
    Deny from all
</LimitExcept>
for example.
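
An added example, not part of the original thread: one way to give the web application just enough write access to an upload directory through group membership, plus a check that flags modes that open it further. The function names and the 2770 mode are choices made for this sketch, and the web server's group is passed in as an argument because its name varies by system.

```shell
#!/bin/sh
# Least-privilege setup and audit for an upload directory (added example).
# Assumption: the caller owns the directory and belongs to the web server's
# group, whose name or GID is passed as the second argument.

# Create the directory writable by owner and group only.
setup_upload_dir() {
    dir=$1
    group=$2
    mkdir -p "$dir" || return 1
    chgrp "$group" "$dir" || return 1
    # 2770: rwx for owner and group, nothing for others; the setgid bit
    # makes new files inherit the directory's group.
    chmod 2770 "$dir"
}

# Print one line per finding; return 0 if clean, 1 otherwise.
audit_upload_dir() {
    dir=$1
    findings=0
    # Any read, write or execute bit for "others" on the directory itself.
    if [ -n "$(find "$dir" -prune \( -perm -004 -o -perm -002 -o -perm -001 \))" ]; then
        echo "directory accessible to others: $dir"
        findings=1
    fi
    # Uploaded files that are world-writable or carry any execute bit.
    bad=$(find "$dir" -type f \( -perm -002 -o -perm -100 -o -perm -010 -o -perm -001 \))
    if [ -n "$bad" ]; then
        echo "$bad" | sed 's/^/unsafe file mode: /'
        findings=1
    fi
    return $findings
}
```

The application should also write uploaded files with a mode such as 0640 so the audit stays clean.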

