Linux.com

sonicblaze

sonicblaze

  • Linux.com Member
  • Posts: 2
  • Member Since: 13 May 09
  • Last Logged In: 09 Dec 09

Latest Posts

Posted by
Topic
Post Preview
Posted
  • sonicblaze
    RE: FTP file security
    I've thought about using that, but the issue is seperate logins. I have been unable to talk the business into doing this, because it "complicates things more than just having the one login for such a simple and unimportant ftp site". That's why I'm trying to figure out if there is a way with ACL's, although I'm thinking it might be a lost cause as I've been unable to get them to do what I need. Maybe there is a way to do it with SELinux roles...?
    Link to this post 04 Dec 09

    I've thought about using that, but the issue is seperate logins. I have been unable to talk the business into doing this, because it "complicates things more than just having the one login for such a simple and unimportant ftp site". That's why I'm trying to figure out if there is a way with ACL's, although I'm thinking it might be a lost cause as I've been unable to get them to do what I need.

    Maybe there is a way to do it with SELinux roles...?

  • sonicblaze
    FTP file security
    Hi! I have an FTP server, chrooted to a directory, /ftproot. I have a couple hundred users whom use this for nothing but uploading files for someone else to download. So, everyone uses the same login. This is currently running on a Windows box, and works great. Files can get created and uploaded, but not overwritten or deleted. So everyone can upload files, no one can ever overwrite them or delete them. I am transferring this task over to a linux box, but having problems with setting up that type of security. I need to allow people to upload files and create folders, but not overwrite or delete anything even if they are the owner. I am running VSFTP, and have the file_open_mode set to 440 to set all new files, but they can still delete the new files in which they have R only permissions(I assume this is because they have RW on the root folder). I've goofed around with setting up ACL's with setfacl, but I can't seem to find what the right combination of permissions/defaults is. I either lock myself out all together from doing anything, or I have full access to create/delete. Anyone know what the correct permissions would be for the ACL list, or else maybe a different way of going about this?
    Link to this post 03 Dec 09

    Hi!

    I have an FTP server, chrooted to a directory, /ftproot. I have a couple hundred users whom use this for nothing but uploading files for someone else to download. So, everyone uses the same login.

    This is currently running on a Windows box, and works great. Files can get created and uploaded, but not overwritten or deleted. So everyone can upload files, no one can ever overwrite them or delete them.

    I am transferring this task over to a linux box, but having problems with setting up that type of security. I need to allow people to upload files and create folders, but not overwrite or delete anything even if they are the owner. I am running VSFTP, and have the file_open_mode set to 440 to set all new files, but they can still delete the new files in which they have R only permissions(I assume this is because they have RW on the root folder).

    I've goofed around with setting up ACL's with setfacl, but I can't seem to find what the right combination of permissions/defaults is. I either lock myself out all together from doing anything, or I have full access to create/delete.

    Anyone know what the correct permissions would be for the ACL list, or else maybe a different way of going about this?

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board