VSFTPD anonymous users can only upload can not download

Source: Internet
Author: User

Objective

Set up an FTP server for students to upload jobs to use.

Requirements

1. Students can access the FTP server directly without having to log in;

2. Can only upload files, can not create folders, rename, delete, etc.;

3. Cannot download the file (anti-plagiarism);

4. Cannot view files online.

Configuration
# 创建upload目录
mkdir/var/ftp/upload
# 改变属主
chown ftp /var/ftp/upload

# Replace the original contents of the/etc/vsftpd/vsftpd.conf file with the following : listen=YES write_enable=YES anon_upload_enable=YES  # 重启vsftpd服务 service vsftpd restartExplanation of principle

The first requirement is implemented by the Anonymous_enable=yes parameter, which allows anonymous users to log on because the value of this parameter defaults to Yes, so the configuration file can not be written.

The second requirement is implemented through the three parameters Anon_upload_enable=yes, Anon_mkdir_write_enable=no, Anon_other_write_enable=no, which allow anonymous users to upload, Anonymous users are not allowed to create directories and other write permissions (delete and rename) because the default values for both Anon_mkdir_write_enable and anon_other_write_enable are no, so you can also not write to the configuration file.

The third requirement is implemented by Anon_world_readable_only=yes, anon_umask=077, and the specific principle can be found in one of my other blogs: the role of anon_world_readable_only.

The fourth requirement is for the TXT document, if the student uploads the job is not to save the TXT document, you do not need to configure, of course, you can use file_open_mode=0000 to control the upload file permissions, so it is a TXT file, and can not be viewed online.

Note: The role of anon_world_readable_only

Linux file permissions are divided into "master", "genus Group" and "other people" these three kinds, if "other person" does not have the readable permission, that anon_world_readable_only this parameter is effective, for the directory, if "other person" does not have the readable permission, and Anon_ World_readable_only=yes, the anonymous user cannot browse all the contents of the directory (looks like an empty directory), and for a file, if "other person" does not have the readable permission and Anon_world_readable_only=yes, The anonymous user cannot download the file.

Note: Even if the "owner" of the file is an anonymous user (FTP), and "Others" does not have the readable permission, it is also valid.

VSFTPD anonymous users can only upload can not download

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.