Users can ftp files to their home directory #154
Comments
|
I'm not entirely clear on the issue here, but I don't see any files uploaded to |
|
I wrote a python script to automate ftp transfers to the DAC. In the
script, I forgot to set the dataset directory before I started uploading.
The files were successfully transferred to my data provider home
directory. This was done on dev and I deleted the files, but can re-create
them if you need proof. Let me know
…On Wed, Oct 21, 2020 at 3:02 PM Benjamin Adams ***@***.***> wrote:
I'm not entirely clear on the issue here, but I don't see any files
uploaded to /home subdirectories, and users are chrooted in the current
FTP setup. I will need more clarification on what occurred here.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#154 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAVGNLIHN7YUCXP5SJIDVLDSL4V6DANCNFSM4SZYI66Q>
.
|
|
So the directory should be set to |
|
Reopening this as a user ftp'd files to their user directory and not the deployment directory. The files were ftp'd to: /data/data/priv_erddap/USERNAME and not: /data/data/priv_erddap/USERNAME/DEPLOYMENT We need to address this |
|
As far as I know, this isn't easily addressable with Linux FACLs without also disabling write permissions in the "base" FTP virtual directory. It's possible to disable write to the base directory, but then users will have to create a deployment only through the providers application. |
|
Understood. I'll close this for now and we'll likely have to deal with the situation, when it comes up, by hand. |
Just found this out the hard way, but I was able to upload .nc files from a dataset to my data provider home directory. I'm writing a python ftp script to push files and forgot to add the dataset folder name to the upload path. But the files were transferred nonetheless. Probably should not allow this.
The text was updated successfully, but these errors were encountered: