File/Folder Permissions with FTP

scottpioso · 01-02-2004, 05:27 PM

Hello,

I have an FTP server using VSFTPD. First, it's a major PITA to get working right because the config file is so picky about everything. . . .

However, I have a question about folder and file permissions. I want to allow a user to upload files and copy files down but not REMOVE files from the server via the cut gui tool. What I have is a folder named x and I set permissions for read and write to the ftp user. However, on the files within the folder, I set the permissions as read only. However, this doesn't seem to work because when I FTP from a different box, I can cut files right out of the server. This I do not wish to happen.

Does anyone have any ideas as to how I can get this to work the way I want it to? Thank you.

unSpawn · 01-04-2004, 02:01 PM

I want to allow a user to upload files and copy files down but not REMOVE files from the server (...) What I have is a folder named x and I set permissions for read and write to the ftp user. However, on the files within the folder, I set the permissions as read only.

Removing a file changes the listing of its parent dir (it's a filesystem thing). If you would change files to have mode 0700, the parent dir 0500, then remove the file you'd see it would fail. With respect to your email, it would be best if download and upload are separate dirs. Especially if you allow anonymous uploads, the upload dir should not have read permissions and uploaded files should be chmodded to an "inactive" user. This way uploads are not accessable and the risk this feature can be abused will be smaller.

scottpioso · 01-04-2004, 03:40 PM

Thanks a lot!! That worked out fine. I can't believe I had never thought of that before. DUH!!

) Have a good week!

katmai90210 · 01-09-2004, 04:46 PM

if the VSFTP is so picky why don't you get proFTPD or pureFTPD ??? easier to install and also to configure

scottpioso · 01-09-2004, 05:14 PM

Hi Kat,

Well, I screwed up my entire drive by trying to modify permissions. Someone was able to access the root directory and when I tried to figure out what happened, I locked myself completely out of the machine. I could not boot to the GUI which kind of made the system useless. However, I will when I have the time to reinstall Linux your suggestions.

katmai90210 · 01-10-2004, 12:55 AM

in the config file ... set up that line that says that users will be chrooted into their home dirs ... at least in proftpd i know it is ...

scottpioso · 01-10-2004, 08:20 AM

Thanks, as I said, when I have some time, I'll try those programs but right now, I'm packing to be moving so there's not much time that will be spent on the computer right now.

enteal · 01-23-2004, 09:33 AM

Hi

To u configure on vsftpd the chroot... u have 2 ways...
first go in vsftpd.conf and uncoment the line "chroot_list_enable=YES"
the ways:

1 - Chroot_list: u have to uncomment the line "chroot_list_file=/etc/vsftpd.chroot_list" and after it create the archive vsftpd.chroot_list on /etc , put the user names u want to limit on him folder.

2 - U can write a line enabling all local users to their folders. add a line "chroot_local_user=YES"

Rafael...

Visit our site...
http://www.suacidade.com.br

RedCatcher · 03-12-2004, 02:19 PM

It is interesting I found this thread as it's similar to the same issue I have. I am using Pure-FTPD and a FTP server and have setup an upload directory if limited permissions (world has write only). The rest of the directories are all RWX (user and group). My problem is that if someone is wanting to load a program that has sud-directories they are given an error message that they can not recreate the directory.

Anyone have a fix for that?

Red