Forum Replies Created
regarding my second suggestion. The intention here was not to forbid the download of certain files nor to provide some kind of access right management but to provide a retrospective auditing of what the user really downloaded. By having a constrained directory, we could build a script with elevated privileges to write into that directory on behalf of the user. However, the user wouldn’t be able to fake or delete the file afterwards he had put it there. As such, an auditor could then inspect the contents of the file which was downloaded. Simply having an audit log may be insufficient in certain cases because the auditor may just see just a filename and not the contents of the downloaded file.ggkekasParticipant
Another very useful feature related to the above would be to restrict the download / upload functionality only from / to specific folders. This would allow us i) to extend the audit functionality if needed by simply observing only those folders and ii) to offer a kind of historic and retrospective view on the files that were downloaded / uploaded. The last is quite important especially for the download process, where we could design a solution with which a user would push files into the restricted area and only then he would be able to download them. However, he wouldn’t be able to delete them from that area. As such, an audit process could really check which files have been downloaded.