ACL Permissions issue for incoming FTP'ed files

Question

Hello.

FTP'ed files come into a folder on my Windows 2000 Server box. The folder that contains these FTP'ed files is a shared folder on my internal network so that my operations group and manipulate the contents via a UNC path. The share and NTFS permission ACL of this folder have been set based on how we need to use it. The ACL has also been set to cascade to any sub-folders and files. When we use Windows Explorer to move files into and manipulate files in that folder moved there with Windows Explorer, the ACL permissions set work as we expect. But, when a file is FTP'ed and you try to then manipulate that file via Windows Explorer, you can not. When looking at the security of the FTP'ed file, you can see that the ACL has changed. My first guess it that files FTP'ed have there ACL reset to correspond to that in the /etc/passwd file. Is this true? If so, how can I set that file so that the ACL I want is correctly set? If not, why is my ACL permissions changing for the files that are FTP'ed in?

Thanks in advance.

Answer 1

My first guess it that files FTP'ed have there ACL reset to correspond to that in the /etc/passwd file. Is this true? If so, how can I set that file so that the ACL I want is correctly set? If not, why is my ACL permissions changing for the files that are FTP'ed in?

I think your analysis is correct. The files that you FTP to the server will get the permissions corresponding to the user in the passwd file. The FTP protocol does not support transfer of permissions between different systems. ProFTPD, upon which edtFTPD is based, does support the "SITE CHMOD" command which allows explicit changing of permissions from the client (like the chmod UNIX command). We've never tested this in edtFTPD, so I can't promise you that it works. Have a look at http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-FTP-commands.html for a listing of all available commands. The "SITE CHMOD" is described near the bottom of the page.

- Hans (EDT Support)