Security? file://

spike

sometimes stupid
Hi,

If I type "file://<myIP#>" into my web browser it displays a list of my local files.

Im assuming anyone else could view my files too whilst I am online. I dont have another Mac to check it on.

Does anyone know how to stop it doing this?

thanks, spike.
 

spike

sometimes stupid
not even if they know my IP address?

i.e. they type "file://myipaddress"

Oh wait, I suppose they couldnt becuse stuff needs to go via certain ports and things doesnt it?

Like http is on port 80?

So I guess "file" is not an internet protocol is it?

So isnt going to get through any routers.

Does that make sense?

Have I just answered my own question?

Can I ask anymore questions?! ;)

Thanks, spike
 

baur

Registered
It's worth mentioning also that there is a *big* difference between file:// and http:// if you are doing web development.

When you use file:// the OS is using the filesystem to display the pages, not the web server. Even if you have apache running, it will *not* process the files.
Usually, this is not a problem, unless you do perl or php development (or anything else that requires the server to do some work).

For those, you need to use the http:// method to get to the pages to test them properly. For the paranoid at heart, that doesn't mean you have to open yourself up to outside sharing, if fact, you don't even need to be on a network to do it.
When you type http://127.0.0.1 or http://localhost it will connect using the loopback IP interface, and not even touch the ethernet card, but it *will* be processed by the web server running on your local machine.
 
Top