My application serves files to users via a web interface.
When a user is authenticated, the application instance has to be confined to the user's assigned parts of the filesystem hierarchy.
First there is the hierarchy of what the application can access, say, '/serve/files'.
Then there is the hierarchy (filesystem tree slice(?)) That user x is given access to; '/serve/files/a' and '/serve/files/b'.
When the application asks to do something to /serve/files/g, it should recognize that this is not one of the places that the current instance of this application (the user) can access.
The ammount of data is large and I foresee it getting much larger. So, mounting will happen.
I need to know that file /serve/files/a/this is first and foremost within '/serve/files'. But /serve/files/a might someday be mounted, as may serve/files/b and serve/files/c, and from different drives.
(I have fantasized about just making each 'user' a real user on the system (linux) and taking it from there. Which seems sensible to me- but freaks out my co-workers. It's been pretty much decided that it would be too.. iffy? complex? Or leave too many security holes open; to do that. So I have to mimic a filesystem, somewhat.)
In reply to Re^2: cleaning up absolute path without resolving symlinks
by leocharre
in thread cleaning up absolute path without resolving symlinks
by leocharre
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |