Steve Holden <[EMAIL PROTECTED]> writes: > > That sounds trivial to ameliorate (at least somewhat) by putting your > > uploads in a directory whose name is known only to you (let's say it's > > a random 20-letter string). The parent directory can be protected to > > not allow reading the subdirectory names. > > But you have to admit that's "security by obscurity".
I'm not completely sure it's security by obscurity if the system setup is careful. The pathname is like a password and maybe it can be proteced from exposure to the same degree that other file system contents are protected. This would not pass review for protecting launch codes, but neither most things done on even serious commercial web sites. -- http://mail.python.org/mailman/listinfo/python-list
