Andre Durudas wrote:
Hello,
I am confused about the difference between the private and public file system on Drupal. As far as I understand I can access public files via their URL but that is not possible for private files. Is this correct? And is this the only distinction? Is it actually 'safer' to have the private file system enabled?
I don't know about safer but they may be slower depending on your PHP configurations. The private means that PHP will server the file through the Drupal interfaces while public means that httpd will server the file. With private you're assured that the user must authenticate and that user's role is allowed to be served the file; with public there is no assurance to that affect.
In this context, does anyone know how to best use IMCE with the private file system? I cannot upload files into nodes with the IMCE browser unless I uncheck the box "Disable serving of private files" in the 'Common Settings' of IMCE's configuration page. And if this setting is unchecked, can anyone with the URL access those files? This somewhat defeats the purpose of the private file system, doesn't it?!? Are there modules I could use to restrict access to those files? Or do I not understand this correctly?
Sorry, I don't. You may want to open a support issue with the imce project.