- Status Closed
- Percent Complete
- Task Type Feature Request
- Category Backend / Core
-
Assigned To
pizza - Operating System All
- Severity Low
- Priority Very Low
- Reported Version Devel
- Due in Version 2.31
-
Due Date
Undecided
- Votes
- Private
FS#19 - Bulk import from filesystem
This one is a doozey, due to the security implications in a multiuser/shared environment. We may want to make the 'filesystem bulk import' path per-user or something like that, but it has to be readable by the webserver user.
Closed by pizza
2006-06-15 15:37
Reason for closing: Deferred
Additional comments about closing: I'm closing this for now, I can't come up with any remotely-secure way of handling this, while still allowing users to specify their own upload paths.
2006-06-15 15:37
Reason for closing: Deferred
Additional comments about closing: I'm closing this for now, I can't come up with any remotely-secure way of handling this, while still allowing users to specify their own upload paths.
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task
The current implementation (in -devel) pops up a text box and expects the user to enter path. This is a glaring security hole, as any file readable by the webserver could potentially be imported.
Still, I'm inclined to port this to -stable, defaulting it to disabled, as the code that enables this is pretty simple.
It's backported to -stable now, defaulting to DISABLED.
I think I may only enable it for admin-level users?