Looking for feedback on my security implementations. Very impressed with the program.
My Setup

My set up has HFS running on a subdomain of my site, i.e. transfer.mysite.com
It runs on a Windows Storage Server 2008, essentially Win Server 2008.
The storage server shares a folder called Transfer that all users on the network can access via a mapped drive, which is T: for them. Transfer has 2 folders: Download and Upload.
On HFS, it hosts the Transfer folder as a real folder.
Thus when any user on the network places a file in t:\downloads\, HFS shares it.
HFS runs in Sandboxie on the Storage Server. My thinking is that if some exploit is found and used against me, the attacker will be limited to the sandboxed conditions. I know it's possible an exploit may come along and they may be able to read other files hosted via an exploit, but as far as writing any file except in the upload folder, compromising the OS or accessing anything else on the network (Sandboxie completely restricts HFS from accessing network shares and certain other local folders that may be sensitive).
My other security measure that covers access to other files is obscurity: having users place files in long folder names, and masking the root folder of all of them with a random string so that people cannot 'browse' and see other folders; they can only see the files of the folder they are in (but not its subdirectories). Thus if I give someone a link
http://transfer.mysite.com/downloads/ShareA876g4783202/ they can only see the files in that folder and not even its subdirectories.
If they got snoopy and went to
http://transfer.mysite.com/downloads/ they would see no files, because that folder only contains folders (no loose files) and the folders are masked, so they don't see anything.
My thinking is that if they wanted to access another folder I share they would have to guess what it is.
Since my set up involves users not on the HFS PC placing files via Windows file share into folders that HFS hosts, they do not have practical access to the HFS program interface to always set a username and password for the folders they create. See
http://www.rejetto.com/forum/index.php/topic,10803.0.html for more on my setup with users not on the HFS PC.
Thus by prohibiting the viewing of folders through a mask that is a random string and doesn't match any actual folder name, and by making it difficult to guess the names of other folders, I figure I am pretty secure.
One big concern would be if a public user could turn the mask off.
Thanks
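The post's obscurity scheme only holds if the random part of each share folder name is long, uniformly random and not derived from anything predictable. As an added example (not from the original post or from HFS), the following Python quantifies how much guessing resistance a name like ShareA876g4783202 provides, generates names from a CSPRNG, and sanity-checks names that users created by hand; the "Share" label, the 62-symbol alphabet and the request rate are assumptions.

```python
import math
import secrets
import string

# Alphabet assumed for the random tail of a share folder name (upper, lower, digits).
ALPHABET = string.ascii_letters + string.digits


def name_entropy_bits(random_len: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Bits of entropy in a uniformly random string of random_len symbols.
    A 12-symbol tail like 'A876g4783202' is about 71.5 bits."""
    return random_len * math.log2(alphabet_size)


def expected_guess_time_years(bits: float, requests_per_second: float) -> float:
    """Expected time for blind enumeration to hit one valid name, assuming the
    server answers every probe and half the space is covered on average.
    This is the risk figure to compare against a realistic request rate."""
    seconds = (2 ** bits / 2) / requests_per_second
    return seconds / (365 * 24 * 3600)


def make_share_name(label: str, random_len: int = 16) -> str:
    """Build a share folder name in the post's style ('Share' + random tail),
    drawing the tail from secrets (CSPRNG), never from a date or a counter."""
    tail = "".join(secrets.choice(ALPHABET) for _ in range(random_len))
    return f"{label}{tail}"


def is_plausible_share_name(name: str, label: str, min_random_len: int = 12) -> bool:
    """Sanity check for hand-made names: correct label, a tail at least
    min_random_len symbols long, and only symbols from ALPHABET."""
    if not name.startswith(label):
        return False
    tail = name[len(label):]
    return len(tail) >= min_random_len and all(c in ALPHABET for c in tail)


if __name__ == "__main__":
    bits = name_entropy_bits(12)
    print(f"12-symbol tail: {bits:.1f} bits, "
          f"~{expected_guess_time_years(bits, 1000):.2e} years at 1000 req/s")
    print("fresh name:", make_share_name("Share"))
```

Short or meaningful tails (a date, a customer name) fail the plausibility check and would also fail the guessing estimate, which is the property the masking relies on.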