Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change

Re: Security on shared server

by einhverfr (Friar)
on Mar 04, 2014 at 03:26 UTC ( #1076829=note: print w/replies, xml ) Need Help??

in reply to Security on shared server

A number of things to think about.

  • If the server is compromised, your security is toast. If the material is particularly sensitive, you should at least go with a vps, if not a dedicated server.
  • Effects of deleting the file depend on the underlying filesystem. If you can't control that, you can't control what it means to delete the file.
  • How big is the file? Is it something you can just post in chunks to a web server via https and process in memory?
  • Where else do you need to protect the data?
  • If you must store on disk, can you encrypt the file on disk and decrypt during reading? Maybe you can post the key with the upload making it unreadable effectively after the session is done (since the key never hits disk)?

There is no such thing as perfect security but you need to think through the tradeoffs carefully, and you need to look carefully at the possibility of better security than a purely shared server if it is truly sensitive.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1076829]
[Discipulus]: i have a different opinion: automation is always worth: first i can use Perl (and this is good), then later you can reuse parts to automate others tasks. My $boss everytime say:'how much time you spend doing this?' So generally i present a perl solution
[Corion]: Discipulus: Yes, but the chart gives some limits on whether it's really worth spending time for saving your time. If you gain enjoyment, automating is still great, but it doesn't save time ;)
[Discipulus]: Corion are you would able to realize such thing? O_O
[Corion]: In the same vein I have a script that automates Firefox to enter some data into another system. It's not faster than the people using the script if they were to do it manually, but they prefer not having to check the data and not having typos when ...
[Corion]: ... entering the data
[Corion]: Discipulus: I don't know whether I could really do that, but the init process itself mostly launches other processes, and the whole startup is just following a path of dependencies and making sure they are all running. Which basically is what ...
[Discipulus]: when at work my time is (temporarly) owned by the firm, so i do not care (coworkers whatch movies.. I code Perl)
[Corion]: ... make already does, except for files instead of programs. But maybe with some /proc hackery, that could be eliminated and one could use plain make :-D
[choroba]: systemd just makes is asynchronous
[choroba]: so, make -j

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (5)
As of 2017-07-27 09:28 GMT
Find Nodes?
    Voting Booth?
    I came, I saw, I ...

    Results (408 votes). Check out past polls.