Stopping FTP Users from Deleting Files


#1

I have a client that I have set up an FTP-only user for. They have several people that occasionally upload files and the system works fine. Just to be diligent, however, I want to make it so any file they upload can not be deleted, just to make it safer, more obvious, and more secure for them. How can this be done. Thanks.

thomas shaddox


#2

It is not possible.

If you allow them to upload files, you already grant write permission to the users. Once they have write permission, they can write, edit, and delete files.

Too bad :frowning:

$50 off and 3 free domains with code: [color=#CC0000]DH3[/color] Sign Up NOW or More Codes Here


#3

That’s too bad. Is this a possibility with anonymous ftp? Because I entered an online film competition once, and could log in to their ftp and upload my own video and see everyone else’s uploads, but could not delete/rename/modify any of the uploaded files, including my own.


#4

The easiest approach would be to run a cronjob that removes the write permission of whatever is in that FTP directory. The downsides are 1) there’s the off chance that someone will delete a file before the cronjob runs, and 2) the cronjob may interrupt someone’s upload by making that file read-only. (edit) By scheduling the cronjob in the middle of the night, it’ll help avoid #2, but widen the window for #1 to happen.

A more elaborate setup would have a dropbox in your FTP directory, and a cronjob that periodically copies whatever is in the dropbox into another folder with read-only privileges. Then delete dropbox files that are more than a day old.

-Scott


#5

You will need to purchase a Unique IP to have anonymous ftp.

What you need is to remove write permission on the folder. I don’t have anonymous ftp in DH and am not sure whether it solves your problem :frowning:

$50 off and 3 free domains with code: [color=#CC0000]DH3[/color] Sign Up NOW or More Codes Here


#6

You might be able to accomplish what you’re looking for with the sticky bit. While this won’t keep users from renaming or removing their own files, it can keep them from renaming or removing other people’s files while still being able to upload and read from a particular directory.

If you created separate FTP logins to the same directory for each user, you might be able to accomplish something “close enough” to what you’re looking for.


#7

With regards to a cronjob which periodically changes permissions:

On linux its trivial to see if there is an open file handle on the file with lsof or fuser. If you created a cronjob, simply have it check for an open file handle and skip a permissions change on any file which is currently being accessed.

There is still a race condition chance where someone could open() the file between the time of check and execution of the permissions change. Shell scripts aren’t atomic.

A better idea might be to create a sticky bitted directory without read permissions, which a cron job periodically goes through and moves file to a read only directory to make available for download.

In both cases, you don’t want your cron job to be “rude” and run too often but you also want the files to be available as quickly as possible. I’ll leave the frequency as a exercise for the reader.