#185 User passworded files

Security (9)

This would be secure for everything except downloading
(since anyone with a little sense could figure out how
to download each file, as long as loc1 isn't altered).
Make it so only admins and the user with the password
can edit, delete, etc that user's file. File and
directory ownership is tracked, so only the owner of
the file or an admin can add a password.


  • Brandon Nimon

    Brandon Nimon - 2008-11-07
    • milestone: --> 2.0.0
    • assigned_to: nobody --> bnimon
    • priority: 5 --> 4
    • labels: --> Security
    • status: open --> open-accepted
  • Brandon Nimon

    Brandon Nimon - 2008-11-07

    An alternate solution: artifact 2230567
    Allows a user who owns a file/dir to allow other users to
    delete/edit/write/read/see it. No password, maybe that can be a bypass to
    the system if the owner so desires.

  • Brandon Nimon

    Brandon Nimon - 2008-11-11

    This is now complete.
    The owner can set universal permissions (del, edit, write, read, see). Then, at their choosing, they can set a bypass password to allow user which have such a password to still have full access (limited only by their user permissions). This allows users to hide files or protect them from other users.
    Only admins supersede this. They can still view and change all aspects of the file (permissions and even the password).

  • Brandon Nimon

    Brandon Nimon - 2008-11-11
    • status: open-accepted --> closed-fixed

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks