Re: queue in erlangen
In article <[🔎] m0xQJ9O-00000NC@debian> you write:
>"Peter Tobias" wrote:
>> You could create an additional directory for bad uploads and allow the
>> user to rename/move (but not delete) the files. The user could move the
>> bad uploads to that directory and upload the package again.
>
>Moving a file requires write-access to the directory. Deleting a file
>requires write access to the directory.
>
>How would what you're suggesting prevent malicious manipulation if the files
>are uploaded using anonymous ftp?
Do you run wu-ftpd? If so, look in /etc/ftpd/ftpaccess. See
something like this?
# all the following default to "yes" for everybody
rename yes guest,anonymous # rename permission?
delete no guest,anonymous # delete permission?
overwrite no guest,anonymous # overwrite permission?
chmod no anonymous # chmod permission?
umask no anonymous # umask permission?
Since all FTP accesses go through the FTP daemon, the daemon can
implement whatever policy it likes; it's not limited by the underlying
filesystem.
--Charles Briscoe-Smith
White pages entry, with PGP key: <URL:http://alethea.ukc.ac.uk/wp?95cpb4>
PGP public keyprint: 74 68 AB 2E 1C 60 22 94 B8 21 2D 01 DE 66 13 E2
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: