a-write-permission NcFTPd general.cf file configuration
Don't forget to restart NcFTPd after modifying the general.cf file.

A properly administrated anonymous FTP hierarchy will use the UNIX file and directory permissions properly.  Unfortunately it is easy to make a mistake which would leave your system vulnerable.  One case is where there is a public-writeable directory (drwxrwxrwx, d-wx-wx-wx, etc.) in your FTP area.  Abusers can then upload bootleg software, pornographic material, etc., onto your machine.

I recommend that you leave the a-write-permission variable set to no for this reason.  This variable affects anonymous users only, and prevents them from uploading, deleting, or creating directories, no matter what the permissions on the file system are set to.  If you know what you're doing, you can set it to yes though.

The special incoming directory is an exception to this rule.  The incoming directory may be written to -- but only this directory is writeable.  That's why you can set a-write-permission to no even if you want uploads -- with this protection you can be assured that the only uploading going on is to the incoming directory.


Previous: a-umask NcFTPd Home Next: aggressive-leak-detection