Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

OS X Permissions

C

cblackburn

macrumors regular
Original poster
Jul 5, 2005
158
0
London, UK
Hey all,

I have an external hard drive (mounted as /Volumes/Icybox) and I would like to share some of the contents with other people. This is what I have done

1. Set myself as the owner of all the files recursively in the hard drive.

2. Set the unix file permissions to 744 so that I have complete access and other people have read only access.

3. Set up a limited user (fileshare) who can log in over FTP whose home directory is /Volumes/Icybox.

However when the user logs in over FTP all the files are suddenly owned by fileshare, and hence the remote user has complete access. Why do the files reflect the owner to be whoever is logged in rather than the correct file permissions?

Regards

Chris
 
yellow said:
You should look into using "chroot" to protect your directories.
Click to expand...

Que? How would that help in the above situation. I thought chroot just locked you into a certain directory?

Chris
 
Yes.. what I gathered from your post was anyone who connected has permissions to travel anywhere, that's not the case?

If not, then this might help you: http://www.ldml.com/services/support/macosx/ftpUserCreate.html

perhaps if you replaced the built-in FTP server with something a little more "robust" and modern, your Permissions issues would be moot. Of coruse, I don't know which version of OS X you're running, nor which FTP server.
 
yellow said:
Of coruse, I don't know which version of OS X you're running, nor which FTP server.
Click to expand...

I am using the standard FTP server on OS X.4.4. The problem is that the permissions of files inside a directory are not constant depending on who logs in. If Chris logs in then the files are owned by Chris. If fileshare logs in then the files are owned by fileshare, and so on. This effectively makes permissions redundant.

Chris
 
Is perhaps "Ignore Permissions on this volume" checked in the Get Info window (permissions section)?

AFAIK, an external drive (besides the above choice) should act as an any other volume. I just tested what you are seeing by creating 2 test users on a 10.4.4 box and turning on the FTP server. Via the terminal for testa, I touched 5 test files, test1 - test5. By default, the permissions were set as 644. Not sure why you're making the files executable, they don't need to be to be downloaded. But just to be the same, I changed the permissions to be 744 on all the test files. I logged in as a second test user via the FTP server and changed directories to the test user's home dir, and all the test files were owned by the testa user.

So I'm not seeing what you're seeing.

Code: 
    Welcome to Darwin!
230 User testb logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /Users/testa
250 CWD command successful.
ftp> ls
229 Entering Extended Passive Mode (|||56864|)
150 Opening ASCII mode data connection for '/bin/ls'.
total 1
-rw-r--r--   1 testa  testa    3 Feb 20 16:10 .CFUserTextEncoding
drwx------   3 testa  testa  102 Feb 20 16:10 Desktop
drwx------   3 testa  testa  102 Feb 20 16:10 Documents
drwx------  17 testa  testa  578 Feb 20 16:10 Library
drwx------   3 testa  testa  102 Feb 20 16:10 Movies
drwx------   3 testa  testa  102 Feb 20 16:10 Music
drwx------   4 testa  testa  136 Feb 20 16:10 Pictures
drwxr-xr-x   4 testa  testa  136 Feb 20 16:10 Public
drwxr-xr-x   5 testa  testa  170 Feb 20 16:10 Sites
-rwxr--r--   1 testa  testa    0 Feb 20 16:14 test1
-rwxr--r--   1 testa  testa    0 Feb 20 16:14 test2
-rwxr--r--   1 testa  testa    0 Feb 20 16:14 test3
-rwxr--r--   1 testa  testa    0 Feb 20 16:14 test4
-rwxr--r--   1 testa  testa    0 Feb 20 16:14 test5
226 Transfer complete.

So... all I can think of is that "Ignore Permissions on this volume" is checked.
 
yellow said:
Is perhaps "Ignore Permissions on this volume" checked in the Get Info window (permissions section)?
Click to expand...

hummmm, I do not have that as an option when I Get Info on either the External or Internal Hard drives. Both are formatted as MacOS Extended (Journaled). I am logged in as a system administrator.

any ideas on where this option has gone?

Regards

Chris
 
It has to be there..

Under Ownership & Permissions. It's a checkbox, (changed to) "Ignore ownership on this volume" in Tiger.
 
yellow said:
It has to be there..

Under Ownership & Permissions. It's a checkbox, (changed to) "Ignore ownership on this volume" in Tiger.
Click to expand...

Here is a screenshot of the get info box:-

attachment.php
 

Attachments

  • info.jpg
    info.jpg
    46 KB · Views: 465
cblackburn said:
However when the user logs in over FTP all the files are suddenly owned by fileshare, and hence the remote user has complete access. Why do the files reflect the owner to be whoever is logged in rather than the correct file permissions?
Click to expand...

By default OS X mounts external drives only when a user logs in at the console. These external drives are mounted such that the logged in user owns the files on the volume. In effect this means that the permissions stored on the external drive are ignored.

If you want OS X to honor the permissions on the external drive then you need to set up the mount options for the external drive using an entry in /etc/fstab.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back