the ultimate storage solution
Nigel Weeks
nweeks at examiner.com.au
Wed May 24 16:12:34 PDT 2006
> > > And how is apache and PHP on top of it with direct access to the
> > > file system more secure than samba?
> > The suggestion is geared more towards "usable by any OS,
> accessible from
> > anywhere", rather than being more secure.
> >
> >
>
> It could be more secure, you can design whatever authentication &
> authorization Mecanism you require in PHP+HTTPS, instead of using the
> CIFS security model.
>
>
> Also, more specifications are needed..
> "secure file repository"?
> secure from what?
>
> what level of security?
> secure from phisical thetf?
> secure from unathorized, but authenticated access?
> secure from unathorized and unauthenticated access?
> secure from the internet public?
> secure from fires?
> secure from data corruption?
>
> "secure file repository", doesn't mean anything unless a propper
> concrete specification is presented.
>
All of the above (for a very handsome price...)
Physical theft:
handled by storing in encrypted, compressed form on disk - not even OS can
get plain text.
Unauthorized, but authenticated:
Have users access on a per-folder basis - can only obtain files where
they're allowed to.
Unauthorized, and unauthenticated:
Have to have a valid login to acces anything.
Secure from internet public:
firewalled to specific IP's, username/password/company.
Secure from fires:
rsync to remote off-site machines in encrypted format(OS just shovels
bytes back and forth).
Secure from data corruption:
Maintain versions of files - if an update happens, version number
increments(ala OpenVMS).
Back versions can be easily obtained (Will use disk space, but, oh well)
This is so far off-topic for this list. By recommending PHP/Apache, I was
suggesting you build the security you need...
Nige.
More information about the Users
mailing list