Opened 16 years ago

Last modified 11 years ago

#2178 closed Feature request

Allow blind parent directories

Reported by: dprez Owned by:
Priority: normal Component: Other
Keywords: Cc: dprez, Tim Kosse
Component version: Operating system type:
Operating system version:

Description

One of the features of a unix permission system is that
you can set the execute permission on a directory to
allow a user to 'cd' through the directory without being
able to read the directory. This means you have to
know the path where you want to go. The advantage is
that users (especially if they don't know our directory
structure) are unable to 'browse' through our directory
tree.

Most FTP clients I have used allow for this feature by
allowing us to set up a site profile for a user that takes
them directly to the directory they need to access.
They are either unable to 'cd' up (..) to the parent
directory, or if they are able, once there they see
nothing.

When I try to access one of these directories using
FileZilla, even though it is able to read the directory I
want, it fails because it can't read the parent directory.
In fact, it appears to need read access for the parent
directories all the way to '/'.

I would like to be able to see a remote directory which I
have access to even if I do not have read access to the
directories above it.

An example on our system is the
directory /datatel/live/collive/_HOLD_. The directory
permissions are:

drwxr-xr-x /
drwxrwx--x /datatel
drwxrwx--x /datatel/live
drwxrwx--x /datatel/live/collive
drwxrwxr-x /datatel/live/collive/_HOLD_

Users should be able to retrive files from the _HOLD_
directory, but should not be able to get a directory
listing from any level above that.

Thanks

Don

Change History (3)

comment:1 by Tim Kosse, 16 years ago

I've no problems creating a directory structure you describe.

If I take a parent directory all permissions, I can't CWD
into it, but CWD into the subfolder does work as intendet.

One word of advise: If you need to hide certain folders this
way, please reconsider your folder structure. Many FTP
clients WILL have problems with such directory structures.
In FZS, using Aliases, those stranger directory structures
can be easily avoided.

comment:2 by dprez, 16 years ago

Yes, I would prefer to not use the directory structure as it
exists, but it is a problem of the application software we are
using and we have to live with some of it. I can minimize the
problem, but not eliminate it.

The raw CWD command works, and if I refresh the windows,
it even properly lists the files in the directory, but incorrectly
updates the remote site path. Then I am unable to transfer
files from the offending directory since it has an incorrect
path.

Here is the message I get when I try to enter the correct
path into the remote site path box:

Command: CWD /datatel/work/test/coltest17/_HOLD_/
Response: 250 CWD command successful.
Command: PWD
Response: 550 The getwd subroutine failed.
Response: Cannot open the parent
directory.
Response: .
Error: Could not retrieve directory listing

Apparently at that point, it is in the correct path, but the file
listing doesn't get updated, and if I force a refresh, the path
gets changed to /datatel/work (the lowest level where the
directory can be read).

Thanks

Don

comment:3 by Tim Kosse, 13 years ago

Response: 250 CWD command successful.
Command: PWD
Response: 550 The getwd subroutine failed.
Response: Cannot open the parent
directory.

Bug in the server.

Note: See TracTickets for help on using tickets.