[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: no write permissions in movies dir: server unresponsive?

Subject: Re: no write permissions in movies dir: server unresponsive?
From: Billy Brown <email@hidden>
Date: Mon, 20 Oct 2003 14:16:37 -0700

On Monday, October 20, 2003, at 01:15 PM, Peter Kerr wrote:

Stef van der Ziel wrote Mon, 20 Oct 2003 16:43:39 +0200:
Since this is a workaround, I *really, really* hope that QTSS 5 is smarter, since anyone with access to the Movies directory on a current QTSS can still publish an .SDP file and start an unlimited webcast.
It's the security model based on "trusted" users. I know you said eg. "a kid playing with the technology", but that's one user I would sure give a separate box, on another subnet...
I agree QTSS needs to handle virtual servers on different IP nrs,
the way Apache does.


Try setting up your movies directory like this:

1)   /Library/QuickTimeStreaming/Movies/
      - do NOT place a qtaccess file in this directory

2) /Library/QuickTimeStreaming/Movies/nationalbroadcaster/ - Place a qtaccess file here that ONLY permits WRITE access to the national broadcaster's username

	/Library/QuickTimeStreaming/Movies/nationalbroadcaster/qtaccess
	=====================================================
	<Limit WRITE>
	require user NationalBroadcasterUser
	</Limit>

3) /Library/QuickTimeStreaming/Movies/kidplaying/ - Place a qtaccess file here that ONLY permits WRITE access to the "kid playing with the technology".

	/Library/QuickTimeStreaming/Movies/kidplaying/qtaccess
	=====================================================
	<Limit WRITE>
	require user KidPlaying
	</Limit>

Now, create 2 different 'qtusers' for broadcasting using the supplied 'qtpasswd' command-line utility. The qtusers file might then look like this:

	/Library/QuickTimeStreaming/Config/qtusers
	=====================================================
	realm Streaming Server
	streamingadmin:xyxyxyxyxyxyxyxyxyxyxyxyxyxyxyxy
	KidPlaying:xyxyxyxyxyxyxyxyxyxyxyxyxyxyxyyxyx
	NationalBroadcasterUser:xyxyxyxyxyxyxyxyxyxyxyxyxyxyxyyxyx

And then within each Playlist .config file, you would just place in front of the "playlist.sdp" string the (respective) sub-directory for a given playlist:

Example: (within the playlist .config file)

>    destination_sdp_file "/nationalbroadcaster/playlist.sdp"

or

>    destination_sdp_file "/kidplaying/playlist.sdp"

This way no one can announce a playlist (or live stream) in the main movies directory, and likewise none of your other users will be able to conflict or overwrite each other.

--
Billy Brown
_______________________________________________
streaming-server-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/streaming-server-users
Do not post admin requests to the list. They will be ignored.

Follow-Ups:
- Re: no write permissions in movies dir: server unresponsive?
  - From: Stef van der Ziel <email@hidden>

References:
	>Re: no write permissions in movies dir: server unresponsive? (From: Peter Kerr <email@hidden>)

Prev by Date: Re: no write permissions in movies dir: server unresponsive?
Next by Date: QTSS 5 ?'s
Previous by thread: Re: no write permissions in movies dir: server unresponsive?
Next by thread: Re: no write permissions in movies dir: server unresponsive?
Index(es):
- Date
- Thread

Home