On Sun, Sep 11, 2011 at 4:43 AM, Alex Tweedly wrote: > > Roger, the problem is that this doesn't protect you from the biggest > danger. All this does is download the file again (not desirable if it's a > large file), and then compare the md5-digest of the two downloaded copies. > > While this does protect you against a temporary glitch in one of the > downloads, it doesn't do anything about the larger danger - that the file > has become corrupted on the server. If the file on the server has been > accidentally over-written, or even worse has been maliciously replaced by > some virus-containing file, then this check won't save you. > > It really is safer to have the md5-digest stored on the server. Ideally > (for the truly cautious or paranoid), you would create the md5-digest > before uploading the file, and then keep the digests on a different server, > with a different username/password, so that even if the main account is > compromised, the digests are still secure. > > -- Alex. > > > On 10/09/2011 20:53, Roger Eller wrote: > >> >> I am pleased as punch to report that THIS DOES WORK with an FTP path. >> >> ˜Roger >> > YUK! It re-downloads the file! I wondered why it's performance seemed so sluggish. This is a real bummer. You've got me thinking though, so for protecting the initial md5digest, I might store it in a database rather than a file. That could possibly make retrieval of that code more efficient, and also add a protective layer. Thanks for that info Alex!
˜Roger _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
