Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris

Re: Allowing Apache to Write to filesystem

by idsfa (Vicar)
on Feb 24, 2006 at 16:33 UTC ( #532592=note: print w/replies, xml ) Need Help??

in reply to Allowing Apache to Write to filesystem

Your concern appears to be about ensuring the data integrity. You want to provide only the unmodified files that your process creates. I suggest that your PDF creator store a checksum/hash of the created files in a database, and that your download CGI only offers those files whose checksum is in the database. Before beginning the download, it can check to see that the file has not been altered, and throw an error if there is not a match. Digest::SHA (128-bit or better) would be a good method.

Alternately, you could have your tool provide an automatically generated signature for each "official" file. GnuPG::Signature or the like would take you down that road.

Updated: or better yet, Roll your DSA signatures

The intelligent reader will judge for himself. Without examining the facts fully and fairly, there is no way of knowing whether vox populi is really vox dei, or merely vox asinorum. — Cyrus H. Gordon
  • Comment on Re: Allowing Apache to Write to filesystem

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://532592]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (9)
As of 2018-06-19 07:55 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (111 votes). Check out past polls.