Posted by: rbilsbor
Posted on: 2006-07-12 21:45:00
hey all--
basic question: i want to use my dreamhost account to store some personal backup files (outside of my hosted website). if i login with my FTP account and just create a directory (NOT under the dot-com folder), am i correct in assuming that only i have access to this and that it's a decently secure way to store files? if not, is there a better way? thanks for your help!
Ryan
Posted by: rlparker
Posted on: 2006-07-12 22:00:00
In reply to:am i correct in assuming that only i have access to this and that it's a decently secure way to store files?
As a practical matter, that is probably true enough, as the files are not going to be accessible from the web even though they are stored on a "web server".
But the *real* answer to your question is probably *NO*, as your files are still accessable to "root" and, depending on your permissions, potentially other users on the server.
Setting the appropriate permissions will protect you other users sharing your server, but I know of no way to hide your files from the system administrator of the system on which you are a user. I am not trying to be nit-picky with the distinction, but your question *did* say "only I have access".
As for whether or not it is "decently secure", you have to decide what constitutes "decent" and who you want the files secured from. I would never store anything on a shared server that I did not want the system administrator to see, but if you just want to keep your files as private as they can be on *any* shared system, you are probably "ok" as long as you set your permissions properly.
You could also encrypt your files so that, though the system adminisrator could access them, he/she would most likely be unable to break the encryption and read them without the resources of (insert name of governmental intelligence agency here) ;-)
--rlparker
Posted by: rbilsbor
Posted on: 2006-07-13 14:02:00
thanks for a great response!
i deleted my stuff. it's important that only i have access to these files--do you have any suggestions for a good service out there for this type of thing? most of the ones i've looked at charge money, but i'm only going to be storing .pdfs, .docs, and other documents--nothing large or multimedia, so it seems like something that you might be able to find for free...
thanks,
Ryan
Posted by: kchrist
Posted on: 2006-07-13 15:20:00
Keep in mind that whenever you store unencrypted data on someone else's server, you're potentially giving access to at least one other person: the server admin. This is true here, or at any other storage service out there.
Dreamhost is as good a place as any to store files; it can be made secure from other users, and it's pretty unlikely that the DH sysadmins spend their time poking through their users' files. That said, anything sensitive should still be encrypted, and if you need a web interface to it and permissions for other users you'd be better off going with Strongspace or something similar.
Posted by: matttail
Posted on: 2006-07-13 15:46:00
If encrypting your files and setting access permissons don't work for you, I don't think you should be considering anything on the internet. If your files are that sensitive they need to be on somehting that only you can physically access, plus encription.
I definatly wouldn't even consider a free service of any sort, not for a min. Your files are much safer sitting behind the web accessable area that on some add run site.
That's my two cents anyways.
--Matttail
art.googlies.net - personal website
Posted by: Raz2133
Posted on: 2006-07-13 21:30:00
In reply to:If encrypting your files and setting access permissons don't work for you, I don't think you should be considering anything on the internet.
I agree with Matttail on this. If the information is as sensitive as you say, it should not be stored on any system that you do not have complete control of, definitely not one that is connected to the Internet.
Mark