in a project we where working on, we wanted to use mod_secure_download to protect a subdirectory and all the files inside.
This means that mod_secure_download cannot use the full relative path after the hexadecimal timestamp, but only X number of path_elements.
The attached patch adds a new option, secdownload.path_elements (defaults to 0, so it uses the full rel_path).
secdownload.secret = "some secret" secdownload.document-root = "/my/storage/root/" secdownload.uri-prefix = "/safe_storage/" secdownload.timeout = 86600 secdownload.path_elements = 2
This would allow the all the following URLs to be valid:
http://my.site/safe_storage/dcfa11fde1588d7b389229ec48a336ce/446921b1/user_id/module/ http://my.site/safe_storage/dcfa11fde1588d7b389229ec48a336ce/446921b1/user_id/module/a_file.txt http://my.site/safe_storage/dcfa11fde1588d7b389229ec48a336ce/446921b1/user_id/module/b_file.txt
because the checksum only takes in account `/user_id/module`.
You could also change
secdownload.path_elements to 1 and then the same URLs could be used for all URLs with the same
See comments for patch "freshness" and stability.
Updated by melo almost 18 years ago
I'm using this patch with 1.4.9 still in the test environment.
I want to update it to 1.4.11 before putting this in production.
'_'Note well:'_' after uploading the file, I noticed a cosmetic typo. The configuration option should be
path-elements and not
This will change in a future version of this patch.
Security-wyse, I believe that this patch does not remove more security and control than what it is expected to remove. Please post any problems you find with it.
Updated by gstrauss about 7 years ago
- Description updated (diff)
- Status changed from New to Need Feedback
- Assignee deleted (
Is this feature still desirable?
As noted in #1904, arbitrary validation could be accomplished using a FastCGI authorizer in lieu of mod_secdownload, allowing the creation of the keys to be collocated with the code which validates the keys, instead of trying to extend mod_secdownload in a variety of ways.
Updated by melo about 7 years ago
although we still use this patch in production, we are actually phasing it out at this moment to use a mechanism like what you describe, an authoriser.
I don't plan on using it anymore, so from my point of view, this ticket can be closed.
Also available in: Atom