Subject: Re: Web Access to Data?

From: Russell E Owen

Submitted: Mon, 21 Nov 2005 14:42:07 -0800

Message number: 935 (previous: 934, next: 936 up: Index)

At 3:03 PM -0700 2005-11-21, Fritz Stauffer wrote:
>X-SpamCop-Whitelisted: nmsu.edu
>
>All,
>
>APO has had a hidden URL to the data for the last few months, and 
>recently it has appeared in the web pages.  Now that the link is 
>public, it can let anyone access the data.
>
>The question is, I would like to remove this link and let users 
>access the data with FTP or secure FTP.  Is there any compelling 
>reason to leave this link?  If possible, let me know soon, so I can 
>decide how to handle this before the holidays.

TUI uses this web server to download images, so please do not disable 
it. But I agree that a public link is not a good idea and something 
should be done about it.

One simple possibility is to make all subdirs unsearchable, so that 
the user must know the exact path to a file to download it. (In fact 
I thought the web service was already configure that way, but clearly 
it's not.)

If more security is wanted, we can come up with something.

-- Russell

APO APO APO APO APO  Apache Point Observatory 3.5m  APO APO APO
APO
APO  This is message 935 in the apo35-general archive. You can find
APO  the archive on http://www.astro.princeton.edu/APO/apo35-general/INDEX.html
APO  To join/leave the list, send mail to apo35-request@astro.princeton.edu
APO  To post a message, mail it to apo35-general@astro.princeton.edu
APO
APO APO APO APO APO APO APO APO APO APO APO APO APO APO APO APO