HPE Community
Operating System - HP-UX
1833475 Members
2531 Online
110052 Solutions
New Discussion

upload file

 
eric_204
Frequent Advisor

‎01-01-2004 06:18 PM

‎01-01-2004 06:18 PM

upload file

In my HP unix 11.0 system , user can use ftp to upload any format of file to the system , how can I restrict the user can only upload a specific format of file ( eg. .txt) to the system ? thx.
0 Kudos
Reply
4 REPLIES 4
KapilRaj
Honored Contributor

‎01-01-2004 06:41 PM

‎01-01-2004 06:41 PM

Re: upload file

Wrap "ftp" in a shell script and give it to the user

I can not think of anything else now !

Kaps
Nothing is impossible
0 Kudos
Reply
G. Vrijhoeven
Honored Contributor

‎01-01-2004 06:47 PM

‎01-01-2004 06:47 PM

Re: upload file

Hi erik,

I am not sure if you can restrict on file format. It looks easy to bypass this just renaming the file to txt.

You can start with restricting the server so only specific users can access the system. ( man ftpusers) besides that you can configure ftpaccess with the ftpaccess command. This takes an extra option in the /etc/inetd.conf file in the ftp line. (-a) and you can make accounts changerooted. For a detailed description do a search on the forum. There are several threats in this subject.

Hope this helps.

Gideon
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎01-02-2004 01:12 AM

‎01-02-2004 01:12 AM

Re: upload file

There are no filetypes in Unix. A file (other than special files like directories, devicefiles or FIFOs, etc) is simply a string of characters which have meaning only to the program which created it and programs that know how to read it. There is nothing in Unix that makes .txt )or any other ending to a filename) special. That is a PC concept, and even there, you can rename any file to have a different ending (type extension) and mess up the automatic scheduling of an appropriate tool to read/write the file.

If you have users that are not familiar with the differences between Unix and PC's (or Mac's or mainframes, etc) it would be better that they are not allowed direct access to these machines. Instead, you can write special wrapper programs to perform the required checks and then schedule ftp from within the program after verufying the format of a file.


Bill Hassell, sysadmin
0 Kudos
Reply
Mic V.
Esteemed Contributor

‎01-02-2004 02:43 PM

‎01-02-2004 02:43 PM

Re: upload file

In addition to everything else that's been said: UNIX doesn't have a concept of file types, but it's not based on extension/suffix like it is in the Microsoft world. You can use the "file" command (which reads file "type" definitions found in the /etc/magic file) to determine some things about what's in a given file.

You could possibly embed the "file" command into a wrapper to perform one check on the type of data.

I also want to point out that it's possible to write a script/program for the HP server that "catches" Email and writes it to a file. This eliminates the need for FTP. I use this frequently for file transfer. Check out the use of "|" in your mail aliases file (typically /etc/mail/aliases).

Mic
What kind of a name is 'Wolverine'?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.