I am putting together a back office app for a local authority where the images are very sensitive, nothing bad just personal information stuff.
has anyone got any comments on the best way to secure these. I was thinking of hashing the directory name and image so no one would ever be able guess it, for instance the URL of the image would be something like
Would this be regarded as a secure method if no directory browsing is alowed?
granted once the user browses to it they would have the image in their cache but I am looking at only giving access to images to the administrators who would have the images on their computers anyway.
The only other thing I can think of is in some way serving the image back to a temporary directory or inline data which would destroy when the page closes?
Cache is the least of your worries because most browsers can save images directly (and renamed, if desired). Basically, if you trust the visitors to view the images, they can be saved by each and every one and there’s nothing you can do about it. Yes, you can make it more difficult with layered DIVs but that’s futile.
Another option is to store the images as BLOB’s within a database system on the server, and use all the authentication and security of the dbms to help control access. That way the actual images never exist as files in the server’s filesystem.
I think that the BLOB idea is worth looking into. I think I remember an example in Kevin Yanks book many many moons ago when learning PHP for the first time.
Am I correct in thinking though dklynn that even if the image cant be seen by navigating to a folder (using the blob db method), there will still be a cached image on the users machine?
The browser isn’t served a BLOB, the BLOB is used to create an image. So the browser will have an image to save if so desired.
AFAIK there is no way to give something to someone without letting them have it. Can you afford legal avenues when/if need be?
I think I am going to have to back to them and explain the ramifications of the image provision. I can only serve the images if the IP is an internal address.
