Thiago H de Paula Figueiredo wrote:
Would a black list intead of a white list better? I suppose there are
less files to hide than files to allow access.
Well, I think that one of the best principle in security is "explicit
authorization" : you just do not want that a confidential file is
accessible by error, because a user forgot to hide it.
But I agree that the white list should authorize jokers to enable
"*.jpg" kind of filter (and if you name your confidential file
"picture_of_my_secret_weapon.jpg", well, to bad for you ;)
--
Francois Armand
Etudes & Développements J2EE
LINAGORA SA - http://www.linagora.com
Tél.: +33 (0)1 58 18 68 28
-----------
InterLDAP - http://interldap.org
FederID - http://www.federid.org/
Open Source identities management and federation
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
