lo and security
i'm making a photo album app with php4 and pgsql. i came across something
i think could be a security risk.
i have a web page with a form for user to upload their image, then using
INSERT and lo_import() i get the file to the right location. the problem
is this, with one postmaster running as uid pgsql, that would allow any
other developer to view my data just by guessing the path to my images
cause they all get read by user pgsql.
how do i circumvent this?
On Fri, 18 May 2001, Thomas T. Thai wrote:
i'm making a photo album app with php4 and pgsql. i came across something
i think could be a security risk.i have a web page with a form for user to upload their image, then using
INSERT and lo_import() i get the file to the right location. the problem
is this, with one postmaster running as uid pgsql, that would allow any
other developer to view my data just by guessing the path to my images
cause they all get read by user pgsql.how do i circumvent this?
One trick is to have multiple postmasters with different uids. This works
if the load is not too high. All postmaster are from the same
installation, but use different database-root locations. The other way
would be to encrypt the images but this will probably be not an easy
solution either.
- Einar Karttunen