[Dshield] FTP Site
paulclarke at clarkeworks.com
Thu Nov 29 12:47:36 GMT 2001
In a message Sean said:
>Date: Wed, 28 Nov 2001 01:19:43 +0100
>To: dshield at dshield.org
>From: Sean Graham <seangra at yahoo.com>
>Subject: Re: [Dshield] (no subject)
>Reply-To: dshield at dshield.org
>why do you wish to run an FTP with open access in the first place?
>Usually I have seen that people just mark the Uploads directory Write-Only,
>but with list, and that's the only place with write access. You can upload
>all you want, and see what you've uploaded, but only users with accounts
>can download anything that has been uploaded (or they must wait until you
>move it out of the upload directory). Wouldn't this be a simpler way to
>Good solution though.
I wanted open (e.g. anonymous) access for the DOWNLOAD for convenience - but
no download from the UPLOAD.
There are some complications in Windows NT/2000 NTFS permissions that make
it difficult to allow directory viewing but not file reading (at least I had
difficulty making that work smoothly with a "inherited" right to "write"
allowed by IIS5 and a "deny" read set in NTFS security). I'm certain your
right about the settings it's just that I couldn't find a comfortable
combination with the complexity of IIS5's security and NTFS permissions
adding "inheritance" into the mix. My old brain just froze :>
Perhaps I should trash the "windoze" server and go with a Linux box.
That should get the advice flowing :>
Thanks for the reply.
More information about the list