Go Back   FlashFXP Forums > > > >

ioFTPD General New releases, comments, questions regarding the latest version of ioFTPD.

Reply
 
Thread Tools Rate Thread Display Modes
Old 03-04-2014, 08:40 AM   #1
quade1337
Junior Member
 
Join Date: Jun 2006
Posts: 7
Default nobody can delete anything

in my ini for delete i want it so no users can delete any folders/files

i have it setup like this

Delete = /* !*


but anyone can delete anything... how can i fix it.

Last edited by quade1337; 03-04-2014 at 08:47 AM.
quade1337 is offline   Reply With Quote
Old 03-04-2014, 06:42 PM   #2
Yil
Too much time...
FlashFXP Beta Tester
ioFTPD Administrator
 
Join Date: May 2005
Posts: 1,194
Default

Code:
Delete = /* !*
You are on the right track to prevent a user from deleting ANOTHER user's FILE. You'll also want

Code:
DeleteOwn = /* !*
RemoveDir = /* !*
RemoveOwnDir = /* !*
if you really wanted to prevent anyone from deleting anything on the server except M flagged users which are immune to all rules...

Please also make sure that these rules are above any other rules as the first matching rule for a type of operation determines the permissions to apply.

Check out 'site help perms' which should enable you to see exactly what operations can be performed on any file/directory on the server as if you were another user. It's a great way to test things.

Remember to 'site rehash' after making changes to the .ini file so you can see the changes.

You might also want to consider a couple of other things. VFS rules like the ones above have their place, but you can also use 'site chmod' to control the +w flag on directories. This allows much finer control on a per-directory/file level without having to edit the .ini. A classic example might be to use the VFS rules to prohibit anyone from touching the /Archives folder and anything under it, but allow users to delete their own files elsewhere. For example zipscripts might also allow you a way to -w a directory after it's been marked complete, but still allow users to delete a mistakenly uploaded file they sent in the wrong place.

NOTE: scripts are responsible for their own permissions. If you use nxTools to Wipe a directory it removes the files directly from the filesystem and the server doesn't get to chance to apply any permission checks. If you have 3rd party scripts involved make sure you limit access to the destructive operations.
Yil is offline   Reply With Quote
Reply

Tags
delete, fix, ini, setup, users

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 10:23 PM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)