Questions tagged [file-access]
The file-access tag has no summary.
150 questions
0
votes
1
answer
126
views
How do I ensure that a file remains as I expect it to on my webserver?
I am playing around with Codeigniter (not really important, but just for sake of completeness) and I try different things. Do not ask for real word application, it is just for fun and also to learn.
...
1
vote
1
answer
175
views
Is it safe to store harmful files to storage like AWS S3?
I am new to security topics, please don't assume knowledge and spare no details if you're able to answer my questions.
I am trying to design a system that performs the basic functionality of ...
- 11
1
vote
0
answers
134
views
How to create read-only pendrive (no availability of coping, deleting or overwriting) [duplicate]
I want to create pendrive or external HDD, that is read only.
To be precise - I want to be open to read files on it (documents or video files), but to prevent files from being copied off disk.
As I ...
0
votes
1
answer
175
views
SACL for shadow copies
I'm researching the topic of detecting registry dump from disk shadow copies and realize that I don't see any specific events in the Windows and Sysmon logs.
I tried a simple copy with the command:
...
- 11
1
vote
0
answers
200
views
Best collaboration and file sharing platform across multiple organizations (and IT ecosystems) [closed]
Four discrete organizations wish to share calendars, files, and folders for collaboration purposes on multi-year projects (including regular online and in-person events).
Each one has their own ...
- 11
1
vote
1
answer
396
views
Unlisted directory discovery of a web server without using bruteforce attacks
Some creator I support on SubscribeStar hosts their files on a dedicated AWS web storage server of theirs and the names are easily accessible and sometimes guessable without any kind of security or ...
- 111
1
vote
0
answers
3k
views
Can I know if someone transferred files from my mobile to their computer
If someone connected my phone through USB to computer or laptop and transferred files from my mobile, is there any option to check in my mobile that they used particular apps or opened and transferred ...
1
vote
1
answer
350
views
Can websites, through cookies or other usual means, access PDFs opened in browser?
Can websites through the use of cookies or other usual means, see the content in a PDF (saved and opened locally or opened from the web) that is also opened in the browser at the same time, or in the ...
0
votes
1
answer
1k
views
PHP - How to block files access in specific directory from the external
I made a very simple dashboard with HTML/PHP/JS (and a MySQL database) where some users (after a secure login with username and password) can access and insert some activities with details and attach ...
- 1
2
votes
2
answers
262
views
Ways to inject malicious content during a HTTP file transfer
Assume an Apache server (http, no authentication just hosting static files) is running in my local network which is hosting some zip files. Assume User A is requesting a zip file from the Apache ...
0
votes
1
answer
129
views
How to prevent a user retaining file access with an open handle on Windows?
Suppose a user is a member of a group, and they open (in the Windows API sense) a file whose DACL grants access to that group.
Then, the user stops being a member of the group.
Since access checks are ...
0
votes
1
answer
178
views
How can opening a non-existing file cause a security vulnerability?
I was reading on race conditions when I encountered the paragraph below:
How exactly does trying to read a non-existing file cause a security vulnerability?
0
votes
0
answers
142
views
Possible pitfalls with filesharing using local account instead of domain account
I've recently eradicated Active Directory from my network. However, I'm having trouble verifying there is no issue with sharing files using a local account instead of a domain account.
I have exactly ...
- 1
0
votes
3
answers
807
views
If email is an insecure medium, why are usernames and passwords sent via email (albeit in separate ones)?
At work we are using a secure file transfer utility that, after setting it up, sends you and the participants you want to share those files with, two emails. One email contains the randomised username,...
- 175
1
vote
1
answer
333
views
Does adding a randomized string in S3 file path has equal security to Google Drive shared link
I would like to use an AWS S3 bucket to store my IoT firmware file and allows all of my IoT devices to access it to update the firmware to the latest version.
I want that the firmware file in the S3 ...
- 395