[NBLUG/talk] blind drop ftp server
Scott Doty
scott at corp.sonic.net
Tue Oct 21 16:30:54 PDT 2008
Sean wrote:
> I inherited a server that was running a "blind drop" vsftpd ftp
> server. The server functioned in a way that allowed people using a
> certain login to upload files, but they were unable to see any files
> in the directory (including the one they just uploaded). For some
> reason the files are all now visible, and I'm unable to figure out how
> this was set up. It's running Fedora.
>
> Do any of you have any ideas as to how to set up a "blind drop" ftp
> server in this way? The only changes I could see (by looking at
> .bash_history) were adding the read and write atribute to some files
> for the file's group (in this case g+r and g+w), but the owner/login
> name is not part of the group. The directory all these files reside in
> has not been modified (drwxrws---). So far as I can see the file
> permissions changes should not have caused this.
>
> Does anyone have any ideas? My research has come up with very little,
> none of which has helped so far.
>
Hi Sean,
You make the directory unreadable by setting the "r" bits appropriately
in the directory's permissions. Example might be:
-rw--w--w-
This means that the other users can create files in the directory, but
they can't list the directory's contents.
Share and Enjoy. :)
-Scott
More information about the talk
mailing list