"Greg J. Zartman" <[EMAIL PROTECTED]> said:
> > The only web-based file sharing implementation that is secure > I respectfully disagree here Darrell. I've seen an implementation that > used SMTP to upload the file to the server: That's not web-based, which is what I was commenting on, following this groupware thread. > Another solution that I've seen uses a kind of file cache for uploading > files to the server. You'd upload via the browser to a temporary > location. Again, not a full web-based implementation as it sounds that this would permit upload and I'm guessing download only. No edit/delete/rename. > I don't follow 100% of what you did here, but looked like a really good > implementation. Thanks, I was hoping to get people interested in expanding on this. The bottom line is if you want an easy_to_use, full featured, web-accessible, directory-based file share, then Apache is in charge of the directory. Apache security is the only true security available. The only other choices are to implement a VPN share or SSH share but by default this would be difficult. Ever SME created users belongs to the shared group. Ever SME user gets full access to all SME services such as send/receive mail, VPN access, print, ibays available to everyone etcetera. If your goal is to host a project file share, say with external clients, consultants or vendors to all collaborate, you don't want these external people to be local SME users. This then comes back to my implementation which does allow restricted access, to unique project file shares, by external users, defined in a unique per share access list. Regards, -- Darrell May DMC Netsourced.com http://netsourced.com http://myEZserver.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
