
Show HN: OpenS3, a simple storage server - zadoxsis
http://pablo-merino.github.com/OpenS3/
======
tedchs
First, a warning -- I read through the Ruby source code for this project and
it does zero input validation and is subject to many glaring security
vulnerabilities, including directory traversal attacks. If you run this code,
be prepared to serve up your entire disk to the Internet -- read/write at
that!

If you want a REST/JSON based HTTP file storage server, just run Riak. Or if
you want HTTP but don't care about JSON, fire up a WebDAV server of your
choice. Incidentally, both of those technologies are about as compatible with
the S3 protocol as this so-called "OpenS3" project... which is to say, they're
not at all.

If a 200-line Rack hack is what it takes to make HN then I need to start
submitting more of the code I write...

~~~
zadoxsis
Hello! I appreciate your critic, but keep in mind I'm a Ruby beginner, I do
this kind of things, and I feel proud of what I achieve. You made me notice
the low security it has, so I'll try to fix it. Thanks!

------
pkieltyka
This would be even cooler if it implemented the S3 REST protocol so that
people could use existing S3 clients.

Could be useful for testing or home-grown S3 network. Ie. put that in front of
a bunch of Riak-backed servers.

~~~
zadoxsis
Hey thanks! I'm building a new one using the S3 API, it should be working in a
few days!

------
rollypolly
Good job!

I love Ruby, but do you have any plans for a C implementation?

It would allow binding to a lot of other languages.

~~~
zadoxsis
Hello! It would be cool to have a C implementation, but I don't know C, so I
couldn't do it. It'd be nice if someone made a C implementation! I'd push it
on the main repo under the C branch

