On 21 Jun 2008, at 14:10, Michelle Konzack wrote:
I should note additionaly they http password protection is not
realy an
option since I have annonymous users which upload Debian Sources
and
Packages...
Also I the upload must work from any place in the Net, even
using M$
ware, any webbrowser, a cellphone or whatelse...
If you can't protect the upload URL by giving authorised users
something then you have no chance at all. If you allow anonymous users
to do something then you allow the "bad guys" to do it too.
Your only hope is to do some traffic shaping on uploads but you'll
probably find that'll piss legitimate users off more than it will
people trying to abuse it.
-Stut
--
http://stut.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
