a-write-permission |
NcFTPd general.cf file configuration Don't forget to restart NcFTPd after modifying the general.cf file. |
A properly administrated anonymous FTP hierarchy will use the UNIX
file and directory permissions properly. Unfortunately it is easy
to make a mistake which would leave your system vulnerable. One case
is where there is a public-writeable directory (drwxrwxrwx,
I recommend that you leave the a-write-permission variable set to no for this reason. This variable affects anonymous users only, and prevents them from uploading, deleting, or creating directories, no matter what the permissions on the file system are set to. If you know what you're doing, you can set it to yes though.
The special incoming directory is an exception to this rule. The incoming directory may be written to -- but only this directory is writeable. That's why you can set a-write-permission to no even if you want uploads -- with this protection you can be assured that the only uploading going on is to the incoming directory.
Examples: