Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 02-09-2006, 08:21 AM   #1
LQ Newbie
Registered: Feb 2006
Posts: 8

Rep: Reputation: 0
Can not chmod from ftp client?

I setup vsftpd and all seems to be well. However, I can not chmod from the smartFTP client. It tells me permission denied. Is there some way that I can give my users permission to execute the chmod command?
Old 02-09-2006, 08:38 AM   #2
Registered: Oct 2005
Location: Oxford, UK
Distribution: Debian Etch (w/ dual-boot XP for gaming)
Posts: 282

Rep: Reputation: 31
Originally Posted by Squintz
It tells me permission denied.
It sounds like you don't have permission to chmod the files. Generally, you have to own the files (or be root) to change their permissions, though the actual criteria are probably more complex than that. man chmod doesn't mention them, and it's very hard to Google for permissions to issue the chmod command rather than those changed by it...

Edit: From playing around I haven't found any way to let someone other than the file's owner change it's permissions - and chances are, that's what the requirement is. My first thoughts on how to get around this is to add all the users to a special group, and then create a file, owned by root:<special group>, that basically just calls chmod. Then, if you set the SUID bit for the group, anyone in the group can essentially issue chmod as root. For security, you could add something in the script that checks the owner of the file and if it's not a particular user (or set of users), refuse to change it? That way, important system files couldn't be chmodded.

To take things a little further, you could create a text file containing names of files that may be changed by this chmod command (owned by root of course, and chmodded 600 or 644), and have the script load it in dynamically and see if the file to be changed is on that list. A little cumbersome, but not too much, and you get fine-grained control then.

Double-edit: Even better way - still set the SUID bit, but have the owner as your user (presuming that it's only one user's files to be changed). That way, you don't have to faff about with conditions and access lists, and there's no potential security backdoor.

Last edited by Dtsazza; 02-09-2006 at 08:51 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] FTP: recursive chmod (separate for directories and files) mgmax Linux - Software 11 01-29-2011 09:06 AM
ProFTPd ... FTP client fails to connect: timeout after client sends 'LIST' nutnut Linux - Software 2 01-01-2006 08:09 PM
chmod rights over ftp/telnet Garp Linux - Security 9 08-04-2005 07:20 AM
ftp chmod overflow vulnerability jerhughes Linux - Security 1 08-04-2004 05:22 PM
ipchains, ftp from client to non-ftp ports atari303 Linux - Networking 2 11-08-2002 03:43 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:18 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration