[ic] Restricting access to PDFs

Kevin Walsh kevin at cursor.biz
Tue Aug 1 22:00:41 EDT 2006


John Young <john_young at sonic.net> wrote:
> Brian J. Miller wrote:
> > Additionally you can use an actionmap combined with the [deliver] tag to
> > provide any file accessible on the local filesystem with whatever
> > privilege system you would like.
> > 
> > The [deliver] tag provides base functionality for sending the proper
> > Content-Type header and the raw file as is.
> > 
> > [snip: example]
> > 
> > Then within the 'download' actionmap you can add any privilege checking
> > you wish before providing the file itself. We use this method on at
> > least one client site for handling soft goods.
> > 
> Would the actionmap above allow directory traversal -- i.e.
> should it perhaps include something like s/\.\.//g?
> 
The [deliver] tag will only allow relative files, so it is safe to
use.

There are a couple of downsides to [deliver]:

    1. It will read the whole file into memory and send it out via
       Interchange.  This could use a lot of memory, depending upon
       the file and the number of concurrent users, so you may want to
       avoid serving large files in this way.

    2. Related to the above.  A large file may take a long time to send,
       and so the send may be interrupted after the amount of time
       specified in your PIDcheck directive.  Again, you will probably
       want to avoid using this mechanism to send ISO images to people
       who only have a 14.4k modem.

-- 
   _/   _/  _/_/_/_/  _/    _/  _/_/_/  _/    _/
  _/_/_/   _/_/      _/    _/    _/    _/_/  _/   K e v i n   W a l s h
 _/ _/    _/          _/ _/     _/    _/  _/_/    kevin at cursor.biz
_/   _/  _/_/_/_/      _/    _/_/_/  _/    _/
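
Added example, not part of the original post and not Interchange code: a containment check of the kind John Young asks about, for a download handler that builds a file path from request input. It resolves the requested name against a base directory instead of stripping "..", because that substitution leaves absolute paths and symlinks untouched; `safe_download_path` and the sample tree are hypothetical names constructed for illustration.

```perl
use strict;
use warnings;
use Cwd qw(realpath);
use File::Spec;
use File::Temp qw(tempdir);

# Hypothetical helper, not an Interchange API: return the canonical path of
# $requested under $base, or nothing if it does not resolve to a file below $base.
sub safe_download_path {
    my ($base, $requested) = @_;
    return unless defined $requested && length $requested;
    return if $requested =~ /\0/;                                   # embedded NUL
    return if File::Spec->file_name_is_absolute($requested);        # relative names only

    my $root = realpath($base);
    return unless defined $root;
    # realpath() collapses ".." and follows symlinks, so the comparison below
    # is made on the file that would really be opened.
    my $full = eval { realpath(File::Spec->catfile($root, $requested)) };
    return unless defined $full && -f $full;                        # existing regular file
    return unless index($full, "$root/") == 0;                      # containment
    return $full;
}

# Constructed sample tree: <tmp>/docs is the download area, <tmp>/secret.txt is not.
my $tmp = tempdir(CLEANUP => 1);
mkdir "$tmp/docs" or die "mkdir: $!";
for my $f ("$tmp/docs/manual.pdf", "$tmp/secret.txt") {
    open my $fh, '>', $f or die "open $f: $!";
    print {$fh} "sample\n";
    close $fh;
}
eval { symlink "../secret.txt", "$tmp/docs/link.pdf" };             # symlink leaving the area

for my $req ("manual.pdf", "../secret.txt", "/etc/passwd", "link.pdf", "missing.pdf") {
    (my $stripped = $req) =~ s/\.\.//g;                             # the filter asked about
    my $path = safe_download_path("$tmp/docs", $req);
    printf "%-16s stripped=%-14s %s\n", $req, $stripped, defined $path ? "serve" : "deny";
}
```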

