On Thursday 16 February 2006 12:01, Carlos Zottmann wrote: > We are successfully blocking the download of executable files with the > configurations below ... Maybe our users don´t have in IQ above 30 :-) > Seriously, I don´t have reports of people managing to circumvent it. If > anyone knows a way, please, let me know, ok? Two drawbacks: a) you rely on the content type being sent from the web server (I can set up an Apache that always sends text/html even for binary downloads. Web server usually take the suffix of a file for finding the content type. Many files will get through with no content type either.) b) http_reply_access does not work with "dynamic/slow ACLs" like external ACLs (e.g. you cannot connect that authorization to LDAP groups - which is a problem when dealing with 5000 users that are maintained by a help desk department) Otherwise it might be acceptable. Christoph -- ~ ~ ".signature" [Modified] 1 line --100%-- 1,48 All
