Hi, Ben... Now, I'm quickly getting out of my league with possible security breaches, but isn't there someway to protect against unauthorized intrusion into non-specified folders? Like FTP uses to lock a user into a home directory?
Again, as far as making sure that only the right documents are available in a particular folder they specify for upload...that's on the user...if you were to choose to upload your business plan by mistake instead of the photo of your cat...whose fault is that? Surely, there should be a way to allow directory upload while limiting security risks. (Maybe not currently, but in future versions of HTML / CF) Rick -----Original Message----- From: Ben Doom [mailto:[EMAIL PROTECTED] Sent: Thursday, March 10, 2005 9:37 AM To: CF-Talk Subject: Re: How to Browse and Choose Directory... > You know, the only reason I've heard discussed as to why directory > contents can't be uploaded en masse like single files, is security. > > But what is the difference, except numbers of files, between a client > specifying a single file for upload vs. an entire directory for upload? > > I don't see what the security issue is... I want to upload an image of my cat stored in my "My Pictures" folder. While the webserver is at it, it also grabs my pic. Or I want to upload a fanfic in the My Documents folder, and my business plan gets ripped. Or how about this: if you allow recursive directory scanning, if I upload something from the root of C: you could scan the contents of my entire HDD. --Ben ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:198185 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
