nixCraft Linux Forum

Strange ftp requirement to give only write access

  #1 (permalink)  
Old 02-02-2010, 11:46 AM
kumarat9pm

Hi all,

We have the following requirement.

We have an FTP account on the server which is shared by different clients. The requirement is that whatever files are uploaded by any client should not be viewed by other clients. I have given only write permission to this account, but I am still not able to achieve the hiding of data.

Is there any other way to achieve this?
I don't want to create different client accounts.
__________________
Thanks,
Surendra Kumar Anne
Ubuntu: Simple, Stylish and Striking..!
Linux: Fast, friendly, flexible and .... free!
Support Open source.
  #2 (permalink)  
Old 02-02-2010, 01:30 PM
nixcraft

chroot each account. Are you using vsftpd? If so just search cyberciti.biz for vsftpd chroot.
__________________
Vivek Gite
Linux Evangelist
Be proud RHEL user, and let the world know about your enterprise choices! Join RedHat user group.
Always use CODE tags for posting system output and commands!
Do you run a Linux? Let's face it, you need help
  #3 (permalink)  
Old 02-02-2010, 03:17 PM
kumarat9pm

We have the chroot facility, but the problem is that we have to share the same client account details (this is the requirement of one project) with different clients.

Here the clients will be varying all the time, so they don't want to create individual client accounts and apply chrooting to that particular folder.

Any inputs? I hear that it's possible to hide/deny listing of folders on the server.
  #4 (permalink)  
Old 02-02-2010, 04:12 PM
kumarat9pm

For those who did not understand my previous requirement:

I want to have an FTP user that is very restricted. I want the user to be able to write only; the account is shared with so many users. We do not want them to be able to see any of the files in the upload directory, or download any files. Basically, I want to jail them into an unreadable directory so all they can do is upload. We do not want anonymous access. Please help.
  #5 (permalink)  
Old 03-02-2010, 10:50 AM
kumarat9pm

I visited many links on write-only access; everyone says it's possible, but I don't know where I am making a mistake. I am following the same steps they mention but am not able to achieve what I am looking for.
  #6 (permalink)  
Old 03-02-2010, 03:43 PM
nixcraft

Can you paste your config file?
  #7 (permalink)  
Old 04-02-2010, 10:39 PM
amitabh

Another way of achieving this would be to use a script after each upload. Pure-FTPd supports this feature.
Pure-FTPd and the Upload-Script Feature

If you are using vsftpd, try setting the dirlist_enable variable to NO in the vsftpd.conf file. I have not tried it out, but the doc (Manpage of VSFTPD.CONF) says it should deny all directory listing commands.
  #8 (permalink)  
Old 11-03-2010, 03:13 PM
arvnix

The settings below achieved write-only access to the FTP server.

Once data is uploaded, the user is unable to see it.


Testing on Test FTP Server

/usr/sbin/useradd -c "testing Write Only Account" -d /home/UserA/ -m -s /bin/sftpsh UserA

/usr/sbin/useradd -c "testing Write Only Account" -d /home/UserA/UserB/ -m -s /bin/sftpsh UserB

/usr/sbin/useradd -c "testing Write Only Account" -d /home/UserA/UserC/ -m -s /bin/sftpsh UserC

/usr/sbin/useradd -c "testing Write Only Account" -d /home/UserA/ -m -s /bin/sftpsh UserD

[root@test-pc1 root]# passwd UserB

[root@test-pc1 root]# passwd UserA

[root@test-pc1 root]# passwd UserD

[root@test-pc1 root]# passwd UserC


[root@test-pc1 root]# tail -4 /etc/passwd
UserA:x:533:533:testing Write Only Account:/home/UserA/./:/bin/sftpsh
UserB:x:534:534:testing Write Only Account:/home/UserA/UserB/./:/bin/sftpsh
UserA_client:x:535:535:testing Write Only Account:/home/UserA/UserC/./:/bin/sftpsh
UserD:x:536:536:testing Write Only Account:/home/UserA/./:/bin/sftpsh
[root@test-pc1 root]#

Add users to Group "UserA"

[root@test-pc1 root]# tail -4 /etc/group
UserA:x:533:UserD,UserB,UserC
UserB:x:534:
UserC:x:535:
UserD:x:536:

Apply SGID(2) & permissions (770) to Parent Folder

[root@test-pc1 home]# ls -ld /home/UserA/
drwxrws--- 6 UserA UserA 4096 Mar 11 16:54 /home/UserA/

Apply SGID(2) & permissions (370) to Parent Folder and ownership as shown below

[root@test-pc1 home]# ls -l /home/UserA/
total 8
d-wxrws--- 4 UserB UserA 4096 Mar 11 19:46 UserB
d-wxrws--- 4 UserC UserA 4096 Mar 11 19:42 UserC

Observations on handling / accessing the SFTP accounts:
1) Clients should use WinSCP to log in to the FTP2 server and to copy data.
2) Client accounts ("UserB" & "UserC") may get the error shown below while they log in and while copying data, so please ignore these errors.
The Following User Says Thank You to arvnix For This Useful Post:
kumarat9pm (11-03-2010)
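
Added example, not part of arvnix's post or the thread: a shell sketch that rebuilds the modes from the post above (2770 on the parent, 2370 on each client directory) in a scratch directory and decodes what the owner, group and other classes may do there. The names parent, clientB and clientC are constructed stand-ins for /home/UserA, UserB and UserC, no accounts are created, and GNU stat is assumed.

```sh
#!/bin/sh
# Added example (not from the thread): rebuild the post's directory modes in a
# scratch directory and decode what each permission class may do there.
# "parent", "clientB" and "clientC" are constructed stand-ins for /home/UserA,
# UserB and UserC; no accounts are created.

# rights MODE CLASS -> create | list | create+list | none
rights() {
    m=$((0$1))                      # leading 0: read the mode as octal
    case $2 in
        owner) b=$(( (m >> 6) & 7 )) ;;
        group) b=$(( (m >> 3) & 7 )) ;;
        other) b=$(( m & 7 )) ;;
        *) return 2 ;;
    esac
    out=""
    # Creating an entry needs w and x together on the directory.
    if [ $((b & 3)) -eq 3 ]; then out="create"; fi
    # Listing names needs r.
    if [ $((b & 4)) -ne 0 ]; then out="${out:+$out+}list"; fi
    echo "${out:-none}"
}

# build_layout ROOT: parent 2770, client directories 2370, as in the post
build_layout() {
    mkdir -p "$1/parent/clientB" "$1/parent/clientC"
    chmod 2770 "$1/parent"
    chmod 2370 "$1/parent/clientB" "$1/parent/clientC"
}

# audit DIR: mode, setgid flag and per-class rights of one directory
audit() {
    mode=$(stat -c %a "$1") || return 1
    sgid=no
    if [ $((0$mode & 02000)) -ne 0 ]; then sgid=yes; fi
    echo "$mode sgid=$sgid owner=$(rights "$mode" owner)" \
         "group=$(rights "$mode" group) other=$(rights "$mode" other)"
}

demo() {
    root=$(mktemp -d) || return 1
    build_layout "$root"
    for d in parent parent/clientB parent/clientC; do
        echo "$d: $(audit "$root/$d")"
    done
    chmod 700 "$root/parent/clientB" "$root/parent/clientC"   # let rm descend
    rm -rf "$root"
}
demo
```

Only the first matching class is applied, so the account that owns a 2370 directory gets create without list, while every other member of the directory's group gets create+list.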
  #9 (permalink)  
Old 11-03-2010, 08:19 PM
kumarat9pm

This is exactly what I am looking for. This solves the problem.

All times are GMT +5.5. The time now is 10:45 PM.


©2005-2010 nixCraft. All rights reserved
