Re: file permissions

[Kevin Colby <kevinc grainsystems com>]

Ryan Mayor wrote:
> 
> Hello all,
> 
> I am trying to setup an ftp server with an /incoming directory.
> 
> How do I set the file/folder permissions for this directory so
> that all users in group ftp can create subdirectories and upload
> files, but not download or delete them.
> 
> Is this possible?
> I have been staring at man chmod for the past hour...

Well, you were looking in the right place.
However, this is rather tricky.
What you want is more-or-less possible.  Technically,
you can't disallow deletion and allow creation.  They
are one and the same.  However, you can make it difficult,
and not very likely by disallowing reading the directory's
contents.  Sure, they could delete stuff, but without
knowing what is there, they'd either have to know what was
there ahead of time or just randomly try names.

chmod 1333 should give execute and write permission only
to everyone, and set the sticky bit (which may or may not
help, but is often done to world-write places to avoid
cross-user overwrite).

If you want an even better setup, also write a cronjob
that moves all the contents out elsewhere, so that
overwrites on common filenames don't occur, and people
can't change their mind and go back and delete stuff.
Just have the cronjob run every five minutes or so, and
you'll be doing good.

	- Kevin Colby
	  kevinc grainsystems com