Ftp – Forcing 644 Permissions on Files with ProFTPd

file-permissionsftppermissionsproftpdubuntu-12.04

We have an Ubuntu 12.04 server set up with ProFTPd for users to upload files. Each user has their own account and are jailed to their directory.

Normally, everything works fine, they get 644 permissions on created/uploaded files, and 755 permissions on created/uploaded folders.

The problem is, occasionally some files will get uploaded with 600 permissions (or changed after uploading, I'm not sure?), so they are not readable to anyone but the owner. Is there any way to lock/force permissions to 644 on files?

I know I can take away permissions with umask but I don't want this, I want to stop the user reducing the permissions too much, so they shouldn't be able to go below 644 (rw- r– r–)

Best Answer

As far as I know you can't control ftp in the way you want, you could only limit chmod for some users entirely or allow it. There isn't a middle way. Maybe you could use auditd to monitor for changes and then take action on them, but that would be really complicated.

Edit: Limiting chmod in proftpd:

    <Limit SITE_CHMOD>
         DenyAll   
    </Limit>
Related Topic