Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Re^5: Encrypt files on server and then decrypt when user downloads

by Illuminatus (Curate)
on Oct 19, 2012 at 21:57 UTC ( #1000061=note: print w/ replies, xml ) Need Help??


in reply to Re^4: Encrypt files on server and then decrypt when user downloads
in thread Encrypt files on server and then decrypt when user downloads

I echo BrowserUK's sentiment. Put another way "put your effort into protecting access to the files, not encrypting them". Using linux for an example, you can set the directory permission of the files to only allow read for the owner or group. The 'web-server SSL' user should be the owner. If a hacker can get access as the web-SSL user (or root), then you should be concentrating on improving access security, not download security. If this is a remote-FS issue, ie the web-server mounts the FS where these files reside, and security isn't as good on that file-server, fix the security there.

fnord


Comment on Re^5: Encrypt files on server and then decrypt when user downloads

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1000061]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (5)
As of 2014-12-21 03:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (102 votes), past polls