Hi, May I "just" ask _why_ the upload directory is in the docroot ? I think the real problem is there ; every workarounds (in particular, Apache-specific workarounds) will fail to enforce security.
The simple answer to improve the security is to move the upload dir out of the docroot and : * for not often accessed files: use a PHP wrapper which intercept the call (via the same system as the front controller), modify the headers and do a readfile on the file in the upload dir * for often accessed files : the possibility to move after validation the desired files in the web dir : the main difference with the existing method is _this_ is a volontary act, not an automatic one. The workarounds with php_flag are unrelevant because it needs both the use of Apache and the use of PHP as a module which is not performant, and not secured either. The workaround with .htaccess needs "AllowOverride FileInfo" in the Apache configuration which is not desired in many cases and moreover is Apache-specific. Using RewriteRule with the appliance/octet-stream will not work properly if the uploaded file is, for instance, an image : the browser will download it instead of displaying it. The exception with dot files is not necessary : you do not name your files on the server based on the information provided via $_FILES, do you ? Regards, Florian MAURY -- You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en.
