How do I secure files on a Linux server?

Forum Moderators: coopster & phranque

Message Too Old, No Replies

How do I secure files on a Linux server?

Trying to hide the real path to a file using Perl

AWildman

3:01 pm on Apr 23, 2004 (gmt 0)

I want to know how to give users a link to a file to download without them being able to bookmark the link or in any way know what the link to the file is. I thought I could get away with creating a folder in the scripts directory where the perl script resides, put the files in that folder, and then reference them relative to the script. Since users don't have direct access to the scripts folder, I figured that they couldn't type in www.mydomainname.com/scripts/something.fileext and get the file again. However, when I tried that, I couldn't view the file either from the link created by the Perl script. I was given a premature end of script headers message and the error log wasn't any more helpful.
I'm assuming there is some configuration issue on the scripts folder. I tried a relative link to both a .txt file and a .html file. I successfully managed to link to a file in the root of the web folder, but not the file in the scripts folder.
Am I going about this all wrong?

Yidaki

5:00 pm on Apr 23, 2004 (gmt 0)

>give users a link to a file to download without them being able to bookmark the link

Methinks, herein lies the problem. If you give them a link, they will be able to come back and download the file again unless

- you give them link that expires after the first download (temporary session id)
- you give them a user/password where the account expires after the first download

You could mod_rewrite or alias the script folder but this wouldn't prevent multiple downloads.

AWildman

6:05 pm on Apr 23, 2004 (gmt 0)

Oh well, I guess that jinxes my idea.

Thanks.

markanthony

6:22 pm on May 17, 2004 (gmt 0)

binmode.

Slurp the file into your perl script.

Send file out by printing to stdout.

You will have to set the headers...based upon what type of file you are sending.

This allows you to put the file in any directory and add management options as you see fit....

I don't think that you have to actually use binmode (may be deprecated)...but it's the concept.

AWildman

6:33 pm on May 17, 2004 (gmt 0)

I can't do that with executables, can I?
It'd be awesome if I could, but I'm thinking I'm outta luck.