I set up a php script to upload files into my incoming directory. It
works, but there's one thing puzzling me. I don't want it to be
possible for mischief-makers to upload more and more files and max out
the disk quota on my account. So I thought I would just have the
script look at the sum of the file sizes already in the directory, and
refuse the upload if there is already too much stuff there. The
problem is that the incoming directory is write-only, so the script
can't look at the sizes. I could use a different directory that's
read-write, but they say you shouldn't have such a thing for security
reasons.
More generally, I'm unclear on the concept of how to allow PHP scripts
to do things that anonymous users can't.
The web server is running FreeBSD, and is at a hosting company, so I
don't have root access to it.
works, but there's one thing puzzling me. I don't want it to be
possible for mischief-makers to upload more and more files and max out
the disk quota on my account. So I thought I would just have the
script look at the sum of the file sizes already in the directory, and
refuse the upload if there is already too much stuff there. The
problem is that the incoming directory is write-only, so the script
can't look at the sizes. I could use a different directory that's
read-write, but they say you shouldn't have such a thing for security
reasons.
More generally, I'm unclear on the concept of how to allow PHP scripts
to do things that anonymous users can't.
The web server is running FreeBSD, and is at a hosting company, so I
don't have root access to it.