From: Craig A Summerhill (craig@cni.org)
Date: Tue Apr 20 1999 - 09:55:29 CDT
On Tue, 20 Apr 1999, Tom von Alten <tom_vonalten@boi.hp.com> wrote:
>
> Craig A Summerhill <craig@cni.org> wrote:
> >
> > Finally, I would propose a fourth (4) option for an approach to handling
> > MIME attachments:
> ...
> > o have hypermail send an e-mail note to the web administrator
> > (or otherwise defined administrator) telling them to review
> > the file and change the permissions to 644 on the file in
> > order to make it accessible. Thus, the markup of the base
>
> This last one is not something we'd undertake on our intranet, as the volume
> of attachments would make it prohibitive.
>
> I thought of a simpler approach. What if we just prefix user names with
> something innocuous? Add on "x-" or some such, so
> .htaccess -> xhm-.htaccess
> for example.
Hey Tom,
That's actually quite simple, and elegant. Good idea!
The only downside of it I can think of would be an issue of
transporting the file across file systems. If the web DocumentRoot also
happens to be a Samba or netatalk share, the prefix could break certain
types of file mappings. The only one I can think of for sure are shares
where the file names are being forced to 8.3 (DOS filenames) on the
client side, but there might be others.
Nevertheless, I think that is a small price to pay for the added
security. I can't imagine people wanting to use a file system share to
transport the file anyway, given that it can be delivered up through a
web browser. But I see people doing some strange things with Samba
and netatalk on the lists I hang out on...
P.S. Along the same vein, isn't hypermail 2.x already substituting an
arbitrary name for the attachment when it gets written to disk? As I
recall, all the MIME attachments are named something like 'binNNNN'
where NNNN is a numeric string that corresponds to the NNNN.html file
to which it is linked. As long as hypermail doesn't ever use the
user supplied name for the MIME attachment, there should not be a
problem. Even if file bin1234.txt has valid .htaccess commands in it,
the web browser isn't going to be looking for it.
Were we hunting for a problem here that doesn't really exist? Is there
any case, Daniel, where hypermail writes the file to its user given
name?
--
Craig A. Summerhill, Systems Coordinator and Program Officer
Coalition for Networked Information
21 Dupont Circle, N.W., Washington, D.C. 20036
Internet: craig@cni.org
AT&Tnet (202) 296-5098
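The two naming strategies discussed in this message (Tom's "xhm-" prefix on the user-supplied name, and the hypermail 2.x style "binNNNN" name that ignores the user-supplied name entirely) can be written down as a small sanitizer. This is an added illustration, not hypermail's own code; the prefix string, the character set kept, and the behaviour of appending only the extension to "binNNNN" are assumptions made here for the example, and the document root path is a constructed value.

```python
import os
import posixpath
import re

# Prefix suggested in the thread; chosen here as an assumption for the example.
SAFE_PREFIX = "xhm-"


def prefixed_name(user_name: str, prefix: str = SAFE_PREFIX) -> str:
    """Derive an on-disk name from a user-supplied attachment name.

    Directory components are dropped (both '/' and '\\' separators), the
    remainder is reduced to a conservative character set, and the prefix is
    applied so that a server-control file such as .htaccess can never be
    written under its own name in the archive directory.
    """
    base = posixpath.basename(user_name.replace("\\", "/"))
    base = re.sub(r"[^A-Za-z0-9._-]", "_", base)
    if not base:
        base = "attachment"  # empty or all-separator names get a neutral name
    return prefix + base


def numbered_name(message_number: int, user_name: str) -> str:
    """hypermail-2.x-style name: 'binNNNN' tied to the message number.

    Only the extension of the user-supplied name survives (assumption made for
    this example), and it is reduced to alphanumerics, so '.htaccess' (which
    has no extension) becomes a bare 'binNNNN'.
    """
    base = posixpath.basename(user_name.replace("\\", "/"))
    ext = os.path.splitext(base)[1]
    ext = re.sub(r"[^A-Za-z0-9]", "", ext)[:10]
    return f"bin{message_number:04d}" + (f".{ext}" if ext else "")


def contained_path(doc_root: str, on_disk_name: str):
    """Join the chosen name onto the archive directory and confirm the result
    still lives directly inside it. Returns the absolute path, or None if the
    name would escape the directory (e.g. via '..' or an absolute path)."""
    root = os.path.realpath(doc_root)
    dest = os.path.realpath(os.path.join(root, on_disk_name))
    if os.path.dirname(dest) != root:
        return None
    return dest


if __name__ == "__main__":
    # Constructed sample names, as a user-supplied MIME filename might arrive.
    for name in [".htaccess", "../../.htaccess", "report.txt", ""]:
        print(repr(name), "->", prefixed_name(name), "|", numbered_name(1234, name))
```

The 8.3 concern raised above applies to the prefixed form: "xhm-" plus a long base name will be mangled on a share that forces DOS names, while the "binNNNN" form stays short and predictable, which is one reason to prefer it when the user-supplied name is not needed at all.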