[ZODB-Dev] Re: Metadata in zope / binary data on FS
Steve Alexander
steve at cat-box.net
Fri Jul 18 22:00:39 EDT 2003
>>I think the trick would be to redirect (if the user is allowed access)
>>to
>>a random path (generated with a symlink at the same time as the
>>redirect is
>>issued), which would then be cleaned up perhaps half an hour later
>>via cron.
>
>
> Hm. That doesn't really make it impossible for an unauthorized person
> to get a file, just very very unlikely depending on how good your
> path-generation algorithm is :-)
A password doesn't really make it impossible for an unanthorized person
to get a file, just very very unlikely depending on how good their
choice of password is.
Given the average user's choice of password, I'd go for the random path
anyday.
> I doubt our security people would approve that scheme.
> Some of the stuff we serve is medical data which comes with some
> heavy legal requirements wrt. security.
--
Steve Alexander
More information about the ZODB-Dev
mailing list