Hello,
I've tried to password protect the public folder of my idisk using iDiskUtiliy or the system preferences in OS X 10.4 (both seem to do the same). After password protecting the public Folder I need the password to mount the public folder of my idisk in either Windows XP or Mac OS X. So far so good.
But if I upload a file (let's say "file.pdf") and enter
http://homepage.mac.com/LOGINNAME/.Public/file.pdf
(LOGINNAME = member name of idisk account)
I can still access this file - without the password. A friend of mine has tried the same with his idisk - same results. It's nice to password protect the public folder (to share documents with colleagues) but it should be protected regardless where I try to access these files. Making it possible to access them over a browser without password just ... throws the whole idea out of the window. I mean, you don't even need - or rather must use the iDisk Utility (because this still needs the password) ...
So, three questions:
1st: Can anyone replicate this?
2nd: If so, why are the documents publically accessible over the web browser?
3rd: Since directory listings are not allowed one needs the file name to access the file with the URL posted above ... is at least this secure (i.e. do Search Engines have the same problem and can't log this file)?
An answer would be much appreciated ...
Thanks in advance,
Daniel
Top
