Question

I'm developing a little CGI application (in C, with CGIC, http://www.boutell.com/cgic/). My application needs to create a temporary file (the user uploads an image, it is saved, modified in various ways, and then shown back to the user).

What precautions should I take while creating temporary files?

The modified image is provided dynamically by a CGI script which then removes the tempfile from disk:

Something like that: <html><head><title>here's your modified image</title></head><body><img src="cgi-bin/genimage.cgi?uid=5423423" /></body>

However a malicious user could upload an image and never request the modified image, so filling the hard disk.

Should I periodically remove unused files?

Many thanks!


Solution

If your storage space is finite and you have an unknown amount of data coming in, you'll need to decide what to do when there's more data than you can store. That will come up one way or another. If you pretend to provide unlimited storage, there will be a DoS when you can't.

Any strategy probably falls into the following two (3, if possible) ways:

When over high water mark,

  1. drop the oldest / least wanted data to make room
  2. drop incoming data to avoid becoming full
  3. pause incoming data until back below low water mark

2 and 3 will still need you to find new storage somehow, so something will either have to be deleted or you'll need more storage. 1 is pretty self-maintaining, but it may be possible to flush all useful old data out of it by sending in enough new garbage. Making a ranking system (last accessed, most accessed, loaded by privileged user, combination of those...) and deleting least important may be the best balanced thing.
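
Strategy 1 with the high and low water marks above, as an added example rather than code from the answer. The helper name `reap_uploads` is hypothetical, and it assumes all temp files sit in one dedicated directory and that modification time is the only ranking used.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

struct entry { char name[256]; off_t size; time_t mtime; };
static int older_first(const void *a, const void *b) {
    time_t x = ((const struct entry *)a)->mtime, y = ((const struct entry *)b)->mtime;
    return (x > y) - (x < y);
}

/* Hypothetical helper (added example): when the regular files in `dir` exceed
 * `high` bytes, unlink oldest-first until <= `low`. Returns files removed, -1 on error. */
int reap_uploads(const char *dir, off_t high, off_t low) {
    DIR *d = opendir(dir);
    if (!d) return -1;
    struct entry *v = NULL;
    size_t n = 0, cap = 0;
    off_t total = 0;
    int removed = 0;
    struct dirent *de;
    while ((de = readdir(d)) != NULL) {
        struct stat st;
        /* Never follow symlinks: only regular files are counted or deleted. */
        if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0 ||
            !S_ISREG(st.st_mode) || strlen(de->d_name) >= sizeof v->name)
            continue;
        if (n == cap) {
            struct entry *t = realloc(v, (cap = cap ? cap * 2 : 16) * sizeof *v);
            if (!t) { free(v); closedir(d); return -1; }
            v = t;
        }
        strcpy(v[n].name, de->d_name);
        v[n].size = st.st_size;
        v[n].mtime = st.st_mtime;
        total += st.st_size;
        n++;
    }
    if (total > high) {
        qsort(v, n, sizeof *v, older_first);
        for (size_t i = 0; i < n && total > low; i++)
            if (unlinkat(dirfd(d), v[i].name, 0) == 0) { total -= v[i].size; removed++; }
    }
    free(v);
    closedir(d);
    return removed;
}
```

It can be called at the start of each upload request or from a periodic job; files unlinked while `genimage.cgi` still has them open remain readable until that descriptor is closed.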

OTHER TIPS

Using CGI for direct application design is questionable -- i.e., not a web-framework/app-engine. I would suggest using Java for your image manipulation, or wrap it in lua or python or something.

If you continue with C, make sure you restrict the CGI execution environment, put it in a jail, check this post out for some inspiration, here is another one.

Licensed under: CC-BY-SA with attribution