Hi, we are developing an app for a company and their data has to be private. There will be different stakeholders with different roles accesing the application and there will be lots of attachments.
We are using paperclip to upload attachments, which are stored in the filesystem within the public directory. Right now, the image_tags are only rendered if you are logged in and your role allows you to, but you can copy the URL and access the image any time, even without logging in, because the images are served directly and there is no controller involved. Also the URLs of images are pretty simple like "APP_PATH/attachments/8/report.pdf" or something like that, which makes it easy to guess other file URLs. So, what can you do to protect people form accessing file they should not? I have compiled a list of possible strategies we have thought about or read about on the internet: 1. Generate random names for directories and put the files inside. Regenerate the random directory names periodically, so attachments are harder to hit by trying randomly and the URLs have an expiry date/ time. Seems a bit messy, IMHO. 2. Store attachments outside of public and serve them using a controller and send_file. I think this works for download links but what about embedding images? 3. Store attachments in DB? Similar to the previous, i guess you would need a controller to serve the files. Any suggestions? Any experiences, good or bad? Cheers! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
