On 10/10/2014 05:08 PM, Len Ovens wrote:
> On Fri, 10 Oct 2014, Ivica Ico Bukvic wrote:
>
>> So, everything works, except no matter what permissions assign via
>> umask, even if I change ownership manually via a different ssh user
>> session, sftp client can still erase the file. How is this possible?
>> And more importantly, how can one circumvent that? And perhaps most
>> importantly is there an easier way to do this?
>>
>> Below are permissions of folders in question:
>>
>> drwxr-xr-x 3 root USER 4096 Oct 10 15:21 .
>> drwxr-xr-x 36 root root 4096 Oct 7 12:16 ..
>> drwxr-xr-x 2 USER sftponly 4096 Oct 10 19:39 submissions
>>
>> Any idea how this can be fixed?
>
> I don't know how easy it would be to do, but on uploading, create a
> hard link to a file in a directory on the same drive where the user
> does not have access. The hard link can have a different
> owner/permitions. Once the upload is complete, unlink the original
> uploaded file. This is effectively a mv, but with owner/permitions
> changed. The file doesn't have to be fully uploaded before the link is
> created so long as the filename is already in the directory.... but
> watch for an sftp client that uploads under an upload name, but
> creates a zero length file with the final uploaded name to save the
> file name on the disk and then mv the uploaded file to that name. You
> may have to look for both names. (they are normally similar) You could
> write a simple service that just watches the upload directory for new
> files and fixes them that way.
Thanks for the advice. This, however, needs to be as automated as
possible, meaning we give access to submitter and they do it all themselves.
>
>
> --
> Len Ovens
> www.ovenwerks.net
>
-- Ivica Ico Bukvic, D.M.A. Associate Professor Computer Music ICAT Senior Fellow DISIS, L2Ork Virginia Tech School of Performing Arts - 0141 Blacksburg, VA 24061 (540) 231-6139 ico@email-addr-hidden www.performingarts.vt.edu disis.music.vt.edu l2ork.music.vt.edu _______________________________________________ Linux-audio-user mailing list Linux-audio-user@email-addr-hidden http://lists.linuxaudio.org/listinfo/linux-audio-userReceived on Sat Oct 11 00:15:05 2014
This archive was generated by hypermail 2.1.8 : Sat Oct 11 2014 - 00:15:05 EEST