Home/Support/Support Forum/filesystem security
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

filesystem security

0 votes
Hi,

I was wondering if there is a clear example of how to password protect a file resource written to the Flash or RAM file systems.

/FS/RAM0/my_data.xml
/FS/FLASH0/my_data.xml

If saved my understanding is that both of the above would be routable through a web browser.

If the web server were Apache I would know how to protect this with a configuration file or htaccess directive.

If this were a normal web page I could put this snippet at the top of the page:
Code:
<!-- RpPageHeader RpAccess=Realm1 -->

How does permissions work for the digi file system? Are there areas of the file system that can be written to that are not accessible through the web server?

What is the best practice for persisting memory to a file in the file system and still preserve security of this data?

Thanks,
Gordon
asked Nov 8, 2011 in NET+OS by gpotter New to the Community (2 points)

Please log in or register to answer this question.

3 Answers

0 votes
Exactly For what purpose are you wanting to use this?
answered Nov 21, 2011 by chungkshinnn New to the Community (1 point)
0 votes
Just wanting to understand the security of the model.
answered May 22, 2012 by gpotter New to the Community (2 points)
0 votes
File permissions associated with a file, that is written to the file system through the web server are based on the group to which that user belongs. If the user belongs to more than one group, the lowest numbered group of the set of groups to which that user belongs is used.

You refer to the Apache web server that might allow you to define a directory that is the only directly to which the Apache web server has access (if I remember from one of my grad school courses there was a config file that set this). There is no such feature in the NET+OS web server. The best you have is through the groups referred to above.

The mechanism is part of the system access component as described in the API reference. sysAcces.h in the \h diretcory contains all of the groups. You will notice that the groups used by the web server component and the file system component share bit patterns. So a file placed by a user belonging to a particular group through ftp will have the same protections if access through the web server.
answered Oct 3, 2012 by dakotas_dad Veteran of the Digi Community (694 points)
...