[DECtalk] dectalk is offline

Tony Baechler tony at baechler.net
Mon Apr 4 01:49:15 EDT 2005 

Hi Jayson.  OK, I'll be brief.  Contact me off list if you're interested in 
any of this.

First, you're right about copyrights and web hosts.  Most of them charge 
too much in my opinion.  One you could look at is TRK Hosting.  They are:

http://www.trkhosting.com/

They are probably the most liberal about what you can host, but there is 
most likely a provision on copyrights.  I am reasonably sure that quite a 
few of the songs are still under copyright.  I know for sure that Daisy is 
in the public domain.  I also know for sure that Red Dwarf is copyrighted 
and this could seriously cause you problems.

Now, about the secure upload directory.  As you know, I am now running 
Gentoo.  While I am no expert, I am learning some things.  The biggest 
thing I have learned is how to create a secure crontab that actually 
works.  In other words, you could set it to automatically move files every 
15 minutes, 24 hours a day.  I finally learned the basic crontab 
syntax.  You should read this if you haven't already, it is very helpful.

http://www.gentoo.org/doc/en/cron-guide.xml

Finally, about the php form generator.  I would like to look at it 
please.  We really need a form generator anyway, and I think it would be 
easy to set up the uploading to go outside of a visible area.  I have 
recently been fighting with Apache so I have a fairly good idea how this 
could be done securely.

One more thought on a secure, private incoming directory.  I know this can 
be done with Proftpd because sites do it all the time.  I have some example 
config files that tell you how to do this.  I can send them to you or let 
you download them.  Actually, you still have a shell account here so just 
ask if you want to look.  There is one major security problem with using 
any cron script, especially if it only runs once per day.  That allows x 
hours from when a file is uploaded to when it gets moved.  That means that 
I could use your ftp site as a drop spot, as long as the other person gets 
the files within 22 or 23 hours.  Also there is one big flaw in that I know 
that Gentoo runs cron.daily at 3 AM unless you change it.  I suggest that 
you read the above guide or write me off list to work out something more 
secure.  Actually, I am having some problems setting up Gentoo and could 
use a little help.

More information about the Dectalk mailing list