Hi,
I need some possible suggestions if I may asked to not setup, or have to
setup WebDav on OpenBSD to allow users to do their web folder stuff. It
can be setup with ftp for example to allow them to map a folder in their
"network place" on XP for example, but then they can't do the stupid
"save as" and just for that, they want to use the WebDav. However, then
it need to allow write access via http and the full load of issues that
could with that when combine with php, etc.
I only allow ssh access and in very special case, I had accepted ftp
from specific locations control via PF, but because of the stupid save
as, they are screaming for WebDav, or mod_dav, witch I really would like
to avoid totally.
I just don't see the benefit worth the risk required to allow it.
May be I am wrong and someone could in light me, witch I would very much
appreciate, but again, may be there is an alternative using SSH that I
do not know.
I provided WinSCP years ago and it sure works well, plus I can control
access via ssh with PF too, witch I would loose introducing WebDav.
I hate all these users that can only work using a GUI like interface all
the time and fell they need everything to be done via http.
Anyone can provide me some ideas, or alternative here as I am running
out of them and being view as the asshole that always refuse flexibility
for security is fine, but may be there is something I can do to keep it
safe and give the winers a bone.
I hate the Microsoft centric bias users that care less for security, but
would also be the first to scream should there be compromise too.
Any suggestions here?
Sorry for the somewhat off topic question, but I need suggestion if
there is any.
Best,
Daniel.
