#1176 new defect

webapi should avoid using plaintext temporary file for uploads

Reported by: davidsarah Owned by:
Priority: major Milestone: soon
Component: code-frontend-web Version: 1.8β
Keywords: confidentiality Cc:
Launchpad Bug:

Description (last modified by davidsarah)

In ticket:990#comment:17, davidsarah wrote:

warner wrote:

The upload-side webapi server will still put large (>100kB) plaintext files on disk (in an anonymous tempfile),

Perhaps it should be using EncryptedTemporaryFile?

On closer examination I think the relevant code is in twisted.web.http, so that might be easier said than done.

Change History (4)

comment:1 Changed at 2010-08-14T20:57:58Z by davidsarah

  • Description modified (diff)

comment:2 Changed at 2010-08-16T00:39:18Z by warner

Hm, I like the idea. Yeah, the code is in twisted.web.http.Request.gotLength, but since we've making a subclass anyways (allmydata.webish.MyRequest), it might be pretty straightforward (add a gotLength method). OTOH, Nevow might do something weird. Should be a pretty easy experiment, though.

comment:3 Changed at 2011-08-13T23:32:30Z by davidsarah

  • Milestone changed from 1.9.0 to soon

comment:4 Changed at 2011-09-26T20:28:14Z by davidsarah

#1228 is about streaming upload, which is another way to avoid having a plaintext temporary file than encrypting it.

Note: See TracTickets for help on using tickets.