[HCS-D]HCS in 2005

Greg Westin westin at hcs.harvard.edu
Thu Dec 23 01:59:11 EST 2004


WebDAV also seems to often run into problems with people who try to move
the files via some non-WebDAV means like (S)FTP or the command line, and
they mess up the locking or whatever that WebDAV establishes.  I don't
know a lot about this, but I once wrote a tutorial on how to publish
calendars from Apple's iCal to a WebDAV server, and I get lots of e-mail
from people who screw this up.

Presumably, we could figure out how to do something to prevent this, by
storing their WebDAVable stuff outside their home directory or something.

Greg
---
http://www.gregwestin.com/
Contact info: http://www.gregwestin.com/contact.php

On Tue, 21 Dec 2004, Ivan Krstic wrote:

> Philip Zeyliger wrote:
> > The security model for WebDAV always seemed a little scary
> > to me, but YMMV.
>
> You're right, it's scary by default. There is a German company that has
> done substantial work on adding a proper security model to the Apache
> module implementation of WebDAV, though, and I'm in touch with the guy
> who implemented that. We might be able to use their extensions or code
> our own and get them merged upstream. Samba would definitely be a
> short-term solution here, if we require one - but its security suffers
> from its own set of fatal flaws: cleartext passwords, cleartext data.
>
> Ivan
> _______________________________________________
> hcs-discuss mailing list
> hcs-discuss at lists.hcs.harvard.edu
> http://lists.hcs.harvard.edu/mailman/listinfo/hcs-discuss
>


More information about the hcs-discuss mailing list