Subsonic Forum

Posted: **Fri Feb 29, 2008 7:43 pm**

Some of my users use the upload feature, and it works fine, but I think the specification of the upload directory is misplaced. My users shouldn't have to know the directory structure of the server to upload. I would prefer to have this set once in the settings, and it not even be exposed to the end user.

Posted: **Mon Mar 10, 2008 11:55 am**

Same request here. I don't want that my users can upload files to another directory than the 'incoming' directory.

Posted: **Mon Mar 10, 2008 12:15 pm**

Yes in deed, this would be an important feature, as tomcat runs as root on my machine

To avoid changes by mistake, you can vim /usr/local/tomcat6/webapps/subsonic/WEB-INF/jsp/more.jsp, go to the bottom and change the input-field containing the default path like this:

Code: Select all: <input type="text" id="dir" readonly name="dir" size="37" value="${model.uploadDirectory}"/>

This change does not prevent abuse!

Posted: **Tue Mar 11, 2008 2:38 pm**

Just for the record: Subsonic does not allow uploading to a directory outside the defined music folders.

And yes, I agree that having a fixed "incoming" directory is probably a good idea.

Cheers,
Sindre

Posted: **Tue Mar 11, 2008 3:46 pm**

sindre_mehus wrote:Just for the record: Subsonic does not allow uploading to a directory outside the defined music folders.

And yes, I agree that having a fixed "incoming" directory is probably a good idea.

Cheers,
Sindre

Good to know - thanks for the reply!

Posted: **Tue Mar 11, 2008 4:12 pm**

pampelmusenmann wrote:Yes in deed, this would be an important feature, as tomcat runs as root on my machine

To avoid changes by mistake, you can vim /usr/local/tomcat6/webapps/subsonic/WEB-INF/jsp/more.jsp, go to the bottom and change the input-field containing the default path like this:
Code: Select all
<input type="text" id="dir" readonly name="dir" size="37" value="${model.uploadDirectory}"/>

This change does not prevent abuse!

Are you running as root just to run on port 80? If so I would suggest running on 8080 (or anything >1024) and setting a firewall PREROUTING redirect NAT rule to forward TCP port 80 to your Tomcat port. In my experience this is the cleanest way to effectively run Tomcat on port 80 without having to use root or edit bootstrap scripts to change user.

Posted: **Thu Mar 13, 2008 2:37 pm**

@crudson

hey m8,
yes i am running tomcat on port 80 - i changed 8180/8080 in the server.xml to 80 ,this is just because of the portfilters we got at work.
I installed subsonic 'by hand' and not via apt-get install - so i "have" to run tomcat (and java) as root as i dont know how to define another useracc. to start it via the .sh-file in /etc/init.d/ or in rc1.d/rc2.d

If anyone has a good idea how to run tomcat as any other user (e.g. tomcat) pls tell me! :roll:

(I used this how2: http://www.howtogeek.com/howto/linux/in ... on-ubuntu/)

Subsonic Forum

Upload directory a server-wide setting?

Upload directory a server-wide setting?

ot