\images\ folder security

Discussions related to customizing hooks. Hooks are documented at http://bigprof.com/appgini/help/advanced-topics/hooks/
Post Reply
rudolph
Posts: 3
Joined: 2015-11-20 13:08

\images\ folder security

Post by rudolph » 2021-04-19 18:27

Hi,

All files uploaded from the Gini App go to a folder named [appgini_folder]\images\xxxxxxxx.xxx I run the app from a folder in my domain. I found that the files are saved some times with permission 666 and some times 664. In any case, anybody with the URL link could access the files without needing to know the password to access the app. Of course, the name of the file assigned by Gini App is an hex number or sometimes a decimal number, but neither seems to be enough to prevent malicious access. Also, that can be objected by a GDPR or UK DPA audit.

Is there any way to make sure that the files uploaded are either saved with 660 permission or protected by the password of the app?

Thank you for your help.

pbottcher
AppGini Super Hero
AppGini Super Hero
Posts: 1635
Joined: 2018-04-01 10:12

Re: \images\ folder security

Post by pbottcher » 2021-04-19 20:58

Hi,

have a look at

viewtopic.php?t=2856#p9355
Any help offered comes with the best of intentions. Use it at your own risk. In any case, please make a backup of your existing environment before applying any changes.

Post Reply