Prevent deep linking to media files
/media/ are generally world-readable if their URL is known. We must prevent this, as it might contain sensitive data (like person photos).
There are several options, of which we should chosoe a godo combination:
- Securing the storage with content hashes/salts/HMAC/etc. in the file and directory names themselve sto prevent guessing
- Tie access to code logic that checks access to the model the file is related to
- Use django-sendfile to serve media files from a frontend webserver but still retain privilege control inside AlekSIS