Perl Monk, Perl Meditation | |
PerlMonks |
Re: Allowing Apache to Write to filesystemby idsfa (Vicar) |
on Feb 24, 2006 at 16:33 UTC ( [id://532592]=note: print w/replies, xml ) | Need Help?? |
Your concern appears to be about ensuring the data integrity. You want to provide only the unmodified files that your process creates. I suggest that your PDF creator store a checksum/hash of the created files in a database, and that your download CGI only offers those files whose checksum is in the database. Before beginning the download, it can check to see that the file has not been altered, and throw an error if there is not a match. Digest::SHA (128-bit or better) would be a good method. Alternately, you could have your tool provide an automatically generated signature for each "official" file. GnuPG::Signature or the like would take you down that road. Updated: or better yet, Roll your DSA signatures The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon
In Section
Seekers of Perl Wisdom
|
|