> > > And how is apache and PHP on top of it with direct access to the > > > file system more secure than samba? > > The suggestion is geared more towards "usable by any OS, > accessible from > > anywhere", rather than being more secure. > > > > > > It could be more secure, you can design whatever authentication & > authorization Mecanism you require in PHP+HTTPS, instead of using the > CIFS security model. > > > Also, more specifications are needed.. > "secure file repository"? > secure from what? > > what level of security? > secure from phisical thetf? > secure from unathorized, but authenticated access? > secure from unathorized and unauthenticated access? > secure from the internet public? > secure from fires? > secure from data corruption? > > "secure file repository", doesn't mean anything unless a propper > concrete specification is presented. >
All of the above (for a very handsome price...) Physical theft: handled by storing in encrypted, compressed form on disk - not even OS can get plain text. Unauthorized, but authenticated: Have users access on a per-folder basis - can only obtain files where they're allowed to. Unauthorized, and unauthenticated: Have to have a valid login to acces anything. Secure from internet public: firewalled to specific IP's, username/password/company. Secure from fires: rsync to remote off-site machines in encrypted format(OS just shovels bytes back and forth). Secure from data corruption: Maintain versions of files - if an update happens, version number increments(ala OpenVMS). Back versions can be easily obtained (Will use disk space, but, oh well) This is so far off-topic for this list. By recommending PHP/Apache, I was suggesting you build the security you need... Nige.
