FlashFXP Forums - View Single Post

Yil · 05-21-2005, 01:18 PM

First off, this is by far the most customizable, configurable, lightweight, and just plain kickass ftp server I've used. But I suppose everyone already here knows that

There are so far 3 things I haven't really been able to figure out.

1) While there is a chown and a chmod command I can't seem to find a way to change the GROUP of a directory or file. This is particularly annoying since I figured if there wasn't a command to change it that it would track the group of the new owner if changed via chown. But that doesn't work either...

2) There is currently NO WAY to grant or deny FXP permissions to a folder/file based on a users group, flags, or name. It's either on or off for everyone. FXP is perhaps a special case since the other transfer related permissions are usually broadly specified and individual file and folder filesystem permissions are used for fine grained control. Thus I think instead of upload having an F/f flag, you should simply create a new FXPsend and FXPreceive keywords (eliminates the upload/download confusion). Thus instead of

Download = * 1MV3YZFf

you would have

Download = * 1MV3YZ
FXPsend = * 1MV3

thus denying FXP downloading to anyone who isn't flagged 1mv3.

3) In order to prevent idling for some users I'm using
noop = !Z *
but it's sorta annoying to see those command not understood messages. Perhaps instead you could add a "noidle" keyword. You could then improve the logic so that people issuing random and pointless noops, pwd, etc could all be ignored when calculating when to apply the idle timelimit...

My initial feedback from playing with it for a few days goes as follows:

1) I'm an old unix type so I don't mind editing config files by hand, but I'd really bundle something like ioGUI with some extra functionality with the product.

2) Since a lot of subtle VFS, permissions, etc issues creep up and bite people or just confound newer users, I'd think about a new site command to show the applicable rules for the specified file or directory would be very useful and rather straighforward. A script, addon gui, etc could then expand the groups, users, etc to highlight which ones have access to do what. I could see that as very powerful. Of course such a script COULD just read the files for themselves, but that doesn't mean it's being processed that way

3) I've used srvany to install ioftpd as a service, but it's only a sorta fix since it doesn't gracefully shutdown ioftpd nor does it catch when ioftpd crashes. I'd really provide a simple but proper services wrapper.

-Yil

05-21-2005, 01:18 PM
Yil Too much time... Join Date: May 2005 Posts: 1,194	FXP denial, group changing, etc First off, this is by far the most customizable, configurable, lightweight, and just plain kickass ftp server I've used. But I suppose everyone already here knows that There are so far 3 things I haven't really been able to figure out. 1) While there is a chown and a chmod command I can't seem to find a way to change the GROUP of a directory or file. This is particularly annoying since I figured if there wasn't a command to change it that it would track the group of the new owner if changed via chown. But that doesn't work either... 2) There is currently NO WAY to grant or deny FXP permissions to a folder/file based on a users group, flags, or name. It's either on or off for everyone. FXP is perhaps a special case since the other transfer related permissions are usually broadly specified and individual file and folder filesystem permissions are used for fine grained control. Thus I think instead of upload having an F/f flag, you should simply create a new FXPsend and FXPreceive keywords (eliminates the upload/download confusion). Thus instead of Download = * 1MV3YZFf you would have Download = * 1MV3YZ FXPsend = * 1MV3 thus denying FXP downloading to anyone who isn't flagged 1mv3. 3) In order to prevent idling for some users I'm using noop = !Z * but it's sorta annoying to see those command not understood messages. Perhaps instead you could add a "noidle" keyword. You could then improve the logic so that people issuing random and pointless noops, pwd, etc could all be ignored when calculating when to apply the idle timelimit... My initial feedback from playing with it for a few days goes as follows: 1) I'm an old unix type so I don't mind editing config files by hand, but I'd really bundle something like ioGUI with some extra functionality with the product. 2) Since a lot of subtle VFS, permissions, etc issues creep up and bite people or just confound newer users, I'd think about a new site command to show the applicable rules for the specified file or directory would be very useful and rather straighforward. A script, addon gui, etc could then expand the groups, users, etc to highlight which ones have access to do what. I could see that as very powerful. Of course such a script COULD just read the files for themselves, but that doesn't mean it's being processed that way 3) I've used srvany to install ioftpd as a service, but it's only a sorta fix since it doesn't gracefully shutdown ioftpd nor does it catch when ioftpd crashes. I'd really provide a simple but proper services wrapper. -Yil