[dokuwiki] Re: somewhat urgent question - hiding contents in _media

• From: "Tobias Eigen" <tobiaseigen@xxxxxxxxx>
• To: dokuwiki@xxxxxxxxxxxxx
• Date: Sun, 23 Mar 2008 18:13:37 -0700

hi folks,

thanks for your quick replies.

>  You're talking about _media - _media is a rewrite pointing to
>  fetch.php. fetch.php will honor your ACLs when delivering files, so
>  there are two things to check:
>
>  - are links in google pointing to _media or to data/media ?
>  - When it is the former, your ACLs are probably not set up correctly.
>  Remember only namespace ACLs are relevant for media files. When it is
>  the latter see what Chris said.

It's a file in the _media folder. But perhaps you're right and the
issue is with the ACLs. I will explore the issue some more and let you
know what I come up with.

Cheers,

Tobias

On Sun, Mar 23, 2008 at 2:21 PM, Andreas Gohr <andi@xxxxxxxxxxxxxx> wrote:
> On Sun, 23 Mar 2008 19:06:58 +0000
>  Christopher Smith <chris@xxxxxxxxxxxxx> wrote:
>
>  >
>  > On 23 Mar 2008, at 14:54, Tobias Eigen wrote:
>  > > Hi Andi,
>  > >
>  > > It is now possible for unauthenticated people to access all the
>  > > contents of the _media path, including google. This is disastrous
>  > > for us as we have been using the wiki for internal discussions and
>  > > planning. We have namespaces set up to be public, and others set up
>  > > to be private. All content uploaded to the wiki, whatever the
>  > > namespace, is publicly visible.
>
>  What Chris said is probably the answer to your real question hower
>  there is something in you post not matching your Chris' answer...
>
>  You're talking about _media - _media is a rewrite pointing to
>  fetch.php. fetch.php will honor your ACLs when delivering files, so
>  there are two things to check:
>
>  - are links in google pointing to _media or to data/media ?
>  - When it is the former, your ACLs are probably not set up correctly.
>  Remember only namespace ACLs are relevant for media files. When it is
>  the latter see what Chris said.
>
>
>
>  Andi
>
>  --
>  http://www.splitbrain.org
>



-- 
Tobias Eigen

Senior Steward - IT
Global Action Networks-Net (GAN-Net)
http://www.gan-net.net

Executive Director
Kabissa - Space for Change in Africa
http://www.kabissa.org
-- 
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

• References:
  • [dokuwiki] somewhat urgent question - hiding contents in _media
    • From: Tobias Eigen
  • [dokuwiki] Re: somewhat urgent question - hiding contents in _media
    • From: Andreas Gohr
  • [dokuwiki] Re: somewhat urgent question - hiding contents in _media
    • From: Tobias Eigen
  • [dokuwiki] Re: somewhat urgent question - hiding contents in _media
    • From: Christopher Smith
  • [dokuwiki] Re: somewhat urgent question - hiding contents in _media
    • From: Andreas Gohr

Other related posts:

• » [dokuwiki] somewhat urgent question - hiding contents in _media
• » [dokuwiki] Re: somewhat urgent question - hiding contents in _media
• » [dokuwiki] Re: somewhat urgent question - hiding contents in _media
• » [dokuwiki] Re: somewhat urgent question - hiding contents in _media
• » [dokuwiki] Re: somewhat urgent question - hiding contents in _media
• » [dokuwiki] Re: somewhat urgent question - hiding contents in _media
• » [dokuwiki] Re: somewhat urgent question - hiding contents in _media

1. Home
2. dokuwiki
3. Archive
4. 03-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---