> Is there a way to do this so that access to the file > would be _impossible_ unless the user is authenticated > by the mod-perl server? I am looking for a solution > that can guarantee that there is no way to circumvent > the authentication process. I can think of solutions > where the probability that users can access the file > without authenticating can be made very small, but I > am looking for an absolute guarantee.
Impossible, no. If the proxy server can handle FTP then one way is to have the source directory mods at 0711. That requires knowing the file name to get it; no listings w/o read access. After that you can have the web server, say, symlink a file with some temp name and redirect the user to the ftp server. Net result is that the proxy handles an ftp request for a name that is temporary to the download and hard to guess. -- Steven Lembark 2930 W. Palmer Workhorse Computing Chicago, IL 60647 +1 800 762 1582