You are viewing a plain text version of this content. The canonical link for it is here.
Posted to ftpserver-users@mina.apache.org by "Loureiro, Gil" <gi...@logica.com> on 2008/08/22 13:31:56 UTC
File/Dir permissions
Hi all,
I've seen that the SITE CHMOD command is not supported, that in the case of my application is Ok because user should never change permission.
But, if I create a new dir, from both fs or ftp, the permissions are always rw for the owner, is it possible to set the default permission for a certain user?
Cumprimentos,
Loureiro, Gil
Document Engineering Manager
Document Services
___________________________________________
Logica - Releasing your potential
Rua Particular da EDP (à rua cidade Goa nº11), 2685 Sacavém
Portugal
Mobile: +351 93 741 8888
Fax: +351 21 001 8251
E: gil.loureiro@logica.com <ma...@logica.com>
http://www.logica.com/portugal <http://www.logica.com/portugal>
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
RE: File/Dir permissions
Posted by "West, John C" <Jo...@CITIZENSBANK.com>.
If you're going to use this, please add "Mac OS X". The cmd and flag can
be the same as Linux.
-----Original Message-----
From: Niklas Gustavsson [mailto:niklas@protocol7.com]
Sent: Friday, August 22, 2008 8:39 AM
To: ftpserver-users@mina.apache.org
Subject: Re: File/Dir permissions
On Fri, Aug 22, 2008 at 2:23 PM, Andy Thomson <a1...@gmail.com>
wrote:
> I had proposed a change a while back to allow for new SITE commands. I
> have added quite a few using it: CHMOD, UTIME, DUAL [provides MD5 &
> SHA1 hashes on a file or all files in a directory], and some custom
> ones specific to my needs.
>
> Maybe it can posted/added as an "extra" for people that would want the
> ability to add custom SITE commands? I would supply the ones above
> and a generic template on how to do it.
Sure, or for those that doesn't cause any outrageous dependencies or
other problems, I'll be happy to include them in core. For those which
are not documented elsewhere, we should provide detailed documentation.
> One of the key tasks is to detect the OS platform the service is
> running one and call the appropriate OS command shell & command. There
> was a good article about 7-8 years ago on this, not much has changed
> from the JVM perspective [sad].
Yeah, I'm one of th commiters for the commons-exec project so I'm sadly
aware of this problem :-)
> Here is a snippet from the code:
>
> String osName = System.getProperty("os.name");
> String[] cmd = new String[3];
>
> if (osName.equals("Windows 95")) {
> cmd[0] = "command.com";
> cmd[1] = "/C";
> cmd[2] = cmdline;
> } else if (osName.contains("Windows")) {
> cmd[0] = "cmd.exe";
> cmd[1] = "/C";
> cmd[2] = cmdline;
> } else if (osName.equals("Linux")) {
> cmd[0] = "sh";
> cmd[1] = "-c";
> cmd[2] = cmdline;
> }
Of course, keeping this up-to-date with all platforms is a pain.
Especially since developers usually have limited access to the more
obscure platforms. This is a problem with for example the VMS code in
commons-exec.
> The "cmdline" is a string that holds the actual command and it's
parameters:
> "/bin/chmod 755 somefile". All error messages are passed back, works
> same as command line.
Yeap, but is there such commands on for example Windows? In my
understanding, on Windows you need to use the Win32 API, for example
using JNI.
> Not sure what is the best way to get this code introduced? Maybe just
> post it somewhere and reference it?
Attach it to a JIRA issue and make sure to tick the okay-for-inclusion
radio button and we can have a look at it.
/niklas
-----------------------------------------
Use of email is inherently insecure. Confidential information,
including account information, and personally identifiable
information, should not be transmitted via email, or email
attachment. In no event shall Citizens or any of its affiliates
accept any responsibility for the loss, use or misuse of any
information including confidential information, which is sent to
Citizens or its affiliates via email, or email attachment. Citizens
does not guarantee the accuracy of any email or email attachment,
that an email will be received by Citizens or that Citizens will
respond to any email.
This email message is confidential and/or privileged. It is to be
used by the intended recipient only. Use of the information
contained in this email by anyone other than the intended recipient
is strictly prohibited. If you have received this message in error,
please notify the sender immediately and promptly destroy any
record of this email.
Re: File/Dir permissions
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Fri, Aug 22, 2008 at 2:23 PM, Andy Thomson <a1...@gmail.com> wrote:
> I had proposed a change a while back to allow for new SITE commands. I have
> added quite a few using it: CHMOD, UTIME, DUAL [provides MD5 & SHA1 hashes
> on a file or all files in a directory], and some custom ones specific to my
> needs.
>
> Maybe it can posted/added as an "extra" for people that would want the
> ability to add custom SITE commands? I would supply the ones above and a
> generic template on how to do it.
Sure, or for those that doesn't cause any outrageous dependencies or
other problems, I'll be happy to include them in core. For those which
are not documented elsewhere, we should provide detailed
documentation.
> One of the key tasks is to detect the OS platform the service is running one
> and call the appropriate OS command shell & command. There was a good
> article about 7-8 years ago on this, not much has changed from the JVM
> perspective [sad].
Yeah, I'm one of th commiters for the commons-exec project so I'm
sadly aware of this problem :-)
> Here is a snippet from the code:
>
> String osName = System.getProperty("os.name");
> String[] cmd = new String[3];
>
> if (osName.equals("Windows 95")) {
> cmd[0] = "command.com";
> cmd[1] = "/C";
> cmd[2] = cmdline;
> } else if (osName.contains("Windows")) {
> cmd[0] = "cmd.exe";
> cmd[1] = "/C";
> cmd[2] = cmdline;
> } else if (osName.equals("Linux")) {
> cmd[0] = "sh";
> cmd[1] = "-c";
> cmd[2] = cmdline;
> }
Of course, keeping this up-to-date with all platforms is a pain.
Especially since developers usually have limited access to the more
obscure platforms. This is a problem with for example the VMS code in
commons-exec.
> The "cmdline" is a string that holds the actual command and it's parameters:
> "/bin/chmod 755 somefile". All error messages are passed back, works same
> as command line.
Yeap, but is there such commands on for example Windows? In my
understanding, on Windows you need to use the Win32 API, for example
using JNI.
> Not sure what is the best way to get this code introduced? Maybe just post
> it somewhere and reference it?
Attach it to a JIRA issue and make sure to tick the okay-for-inclusion
radio button and we can have a look at it.
/niklas
Re: File/Dir permissions
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Fri, Aug 22, 2008 at 4:18 PM, Andy Thomson <a1...@gmail.com> wrote:
> Niklas: Windows can use commands like cacls, ie, normal command line tools,
> no need for win32 api coding stuff.
Ah, I had no idea. Only seems to be available on Win2000 and forward
and seems to have been replaced. But yet, seems useful.
> My biggest concern is security, make sure code "pukes" correctly if someone
> abuses the command. Like putting in very long path names, or ones with odd
> characters. I did test it with Chinese filenames on Linux, no issues, and I
> always check the arguments. No shirt, no shoes, no service. Of course there
> is the other side, about people trying to change files that don't belong to
> them [user or group], this is more about checking what the user can do per
> some role or account permission.
Yes, this is part of my concern as well. I'm pretty sure I will -1
contributions that rely on running processes from FtpServer. But
trying to convince me otherwise is of course possible :-)
And, providing the code as an addon (as we should allow for custom
site commands) is an option.
/niklas
Re: File/Dir permissions
Posted by Andy Thomson <a1...@gmail.com>.
Hi Gil,
Yes on Process usage. What I omitted was the threaded parts, a stream
gobbler, and some other pieces. Code is pretty iron-clad, been around
for 7-8 years. I'll get it posted via Jira in the next few days.
From John's email, it looks like I should add OS and cmd to the
configuration file. That makes it easy, not just for CHMOD, but others
like the UTIME too.
Niklas: Windows can use commands like cacls, ie, normal command line
tools, no need for win32 api coding stuff.
My biggest concern is security, make sure code "pukes" correctly if
someone abuses the command. Like putting in very long path names, or
ones with odd characters. I did test it with Chinese filenames on Linux,
no issues, and I always check the arguments. No shirt, no shoes, no
service. Of course there is the other side, about people trying to
change files that don't belong to them [user or group], this is more
about checking what the user can do per some role or account permission.
Gil: Pure java :-). Well somewhere below the deck are native libraries
in Java, so calling an OS specific command is not too far from that.
Okay, I am stretching it a bit here, and being lazy :-).
Andy
Loureiro, Gil wrote:
> Be careful with the "Process proc = rt.exec(cmd);" usage, because depending on the OS in some estrange conditions it hangs, even to command that in theory shouldn't use stdin/err. A work around is to add threads to consume the stdin and stderr of the process, like:
> final InputStream in = proc.getInputStream();
> new Thread(new Runnable() {
> public void run() {
> try {
> while (in.read() != -1);
> } catch (IOException e) {
> // logTheError(e);
> }
> }
> }).start();
> final InputStream err = proc.getErrorStream();
> new Thread(new Runnable() {
> public void run() {
> try {
> while (err.read() != -1)
> ;
> } catch (IOException e) {
> // logTheError(e);
> }
> }
> }).start();
>
> Cumprimentos,
> Loureiro, Gil
> Document Engineering Manager
> Document Services
> _________________________________________
> Edinfor - a LogicaCMG company
> Rua Particular da EDP (à rua cidade Goa nº11), 2685 Sacavém
> Portugal
> M: +351 93 741 8888
> E: gil.loureiro@edinfor.logicacmg.com
> www.edinfor.logicacmg.com
> -----Original Message-----
> From: Andy Thomson [mailto:a10008051@gmail.com]
> Sent: sexta-feira, 22 de Agosto de 2008 13:23
> To: ftpserver-users@mina.apache.org
> Subject: Re: File/Dir permissions
>
> Niklas,
>
> I had proposed a change a while back to allow for new SITE commands. I
> have added quite a few using it: CHMOD, UTIME, DUAL [provides MD5 & SHA1
> hashes on a file or all files in a directory], and some custom ones
> specific to my needs.
>
> Maybe it can posted/added as an "extra" for people that would want the
> ability to add custom SITE commands? I would supply the ones above and
> a generic template on how to do it.
>
> One of the key tasks is to detect the OS platform the service is running
> one and call the appropriate OS command shell & command. There was a
> good article about 7-8 years ago on this, not much has changed from the
> JVM perspective [sad].
>
> Here is a snippet from the code:
>
> String osName = System.getProperty("os.name");
> String[] cmd = new String[3];
>
> if (osName.equals("Windows 95")) {
> cmd[0] = "command.com";
> cmd[1] = "/C";
> cmd[2] = cmdline;
> } else if (osName.contains("Windows")) {
> cmd[0] = "cmd.exe";
> cmd[1] = "/C";
> cmd[2] = cmdline;
> } else if (osName.equals("Linux")) {
> cmd[0] = "sh";
> cmd[1] = "-c";
> cmd[2] = cmdline;
> }
>
> Runtime rt = Runtime.getRuntime();
>
> // run the command
> Process proc = rt.exec(cmd);
>
> The "cmdline" is a string that holds the actual command and it's
> parameters: "/bin/chmod 755 somefile". All error messages are passed
> back, works same as command line.
>
> The commands could be separate jar files, or integrated with the main
> package, up to the developer. I personally like keeping them outside
> the main code, just specify the class path in the config file, and let
> the SITE cmd load it.
>
> The SITE cmd uses two maps, the normal one that it uses now, and then a
> user map that has the add-on commands. It looks in one map then the
> other, taking into account a user may actually over-ride an existing
> SITE command.
>
> Not sure what is the best way to get this code introduced? Maybe just
> post it somewhere and reference it?
>
> Andy
>
>
> Niklas Gustavsson wrote:
>> On Fri, Aug 22, 2008 at 1:31 PM, Loureiro, Gil <gi...@logica.com> wrote:
>>> I've seen that the SITE CHMOD command is not supported, that in the case of
>>> my application is Ok because user should never change permission.
>> The reason for it not being supported is that Java does not currently
>> allow setting file permissions. There are some third-party libs that
>> could be investigated for this, but they will be dependent on the OS
>> so I'm a bit reluctant. Also, the upcoming new file API does allow for
>> setting file permissions, hopefully coming in Java 7.
>>
>>> But, if I create a new dir, from both fs or ftp, the permissions are always
>>> rw for the owner, is it possible to set the default permission for a certain
>>> user?
>> No, not at the moment. Patches welcome of course :-)
>>
>> /niklas
>>
>
>
> This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
>
>
>
RE: File/Dir permissions
Posted by "Loureiro, Gil" <gi...@logica.com>.
We have also the question of pure java...!
Cumprimentos,
Loureiro, Gil
Document Engineering Manager
Document Services
_________________________________________
Edinfor - a LogicaCMG company
Rua Particular da EDP (à rua cidade Goa nº11), 2685 Sacavém
Portugal
M: +351 93 741 8888
E: gil.loureiro@edinfor.logicacmg.com
www.edinfor.logicacmg.com
-----Original Message-----
From: Niklas Gustavsson [mailto:niklas@protocol7.com]
Sent: sexta-feira, 22 de Agosto de 2008 14:53
To: ftpserver-users@mina.apache.org
Subject: Re: File/Dir permissions
On Fri, Aug 22, 2008 at 3:47 PM, Loureiro, Gil <gi...@logica.com> wrote:
>
> Be careful with the "Process proc = rt.exec(cmd);" usage, because depending on the OS in some estrange conditions it hangs, even to command that in theory shouldn't use stdin/err. A work around is to add threads to consume the stdin and stderr of the process, like:
Yes, this is the approach that commons-exec use. If we would go with a
solution like this, I would strongly recommend using commons-exec. Not
that I would like to use a solution that requires running shell
commands from a component like FtpServer, I'm afraid of running into
all kinds of concurrency and security problems.
/niklas
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
Re: File/Dir permissions
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Fri, Aug 22, 2008 at 3:47 PM, Loureiro, Gil <gi...@logica.com> wrote:
>
> Be careful with the "Process proc = rt.exec(cmd);" usage, because depending on the OS in some estrange conditions it hangs, even to command that in theory shouldn't use stdin/err. A work around is to add threads to consume the stdin and stderr of the process, like:
Yes, this is the approach that commons-exec use. If we would go with a
solution like this, I would strongly recommend using commons-exec. Not
that I would like to use a solution that requires running shell
commands from a component like FtpServer, I'm afraid of running into
all kinds of concurrency and security problems.
/niklas
RE: File/Dir permissions
Posted by "Loureiro, Gil" <gi...@logica.com>.
Be careful with the "Process proc = rt.exec(cmd);" usage, because depending on the OS in some estrange conditions it hangs, even to command that in theory shouldn't use stdin/err. A work around is to add threads to consume the stdin and stderr of the process, like:
final InputStream in = proc.getInputStream();
new Thread(new Runnable() {
public void run() {
try {
while (in.read() != -1);
} catch (IOException e) {
// logTheError(e);
}
}
}).start();
final InputStream err = proc.getErrorStream();
new Thread(new Runnable() {
public void run() {
try {
while (err.read() != -1)
;
} catch (IOException e) {
// logTheError(e);
}
}
}).start();
Cumprimentos,
Loureiro, Gil
Document Engineering Manager
Document Services
_________________________________________
Edinfor - a LogicaCMG company
Rua Particular da EDP (à rua cidade Goa nº11), 2685 Sacavém
Portugal
M: +351 93 741 8888
E: gil.loureiro@edinfor.logicacmg.com
www.edinfor.logicacmg.com
-----Original Message-----
From: Andy Thomson [mailto:a10008051@gmail.com]
Sent: sexta-feira, 22 de Agosto de 2008 13:23
To: ftpserver-users@mina.apache.org
Subject: Re: File/Dir permissions
Niklas,
I had proposed a change a while back to allow for new SITE commands. I
have added quite a few using it: CHMOD, UTIME, DUAL [provides MD5 & SHA1
hashes on a file or all files in a directory], and some custom ones
specific to my needs.
Maybe it can posted/added as an "extra" for people that would want the
ability to add custom SITE commands? I would supply the ones above and
a generic template on how to do it.
One of the key tasks is to detect the OS platform the service is running
one and call the appropriate OS command shell & command. There was a
good article about 7-8 years ago on this, not much has changed from the
JVM perspective [sad].
Here is a snippet from the code:
String osName = System.getProperty("os.name");
String[] cmd = new String[3];
if (osName.equals("Windows 95")) {
cmd[0] = "command.com";
cmd[1] = "/C";
cmd[2] = cmdline;
} else if (osName.contains("Windows")) {
cmd[0] = "cmd.exe";
cmd[1] = "/C";
cmd[2] = cmdline;
} else if (osName.equals("Linux")) {
cmd[0] = "sh";
cmd[1] = "-c";
cmd[2] = cmdline;
}
Runtime rt = Runtime.getRuntime();
// run the command
Process proc = rt.exec(cmd);
The "cmdline" is a string that holds the actual command and it's
parameters: "/bin/chmod 755 somefile". All error messages are passed
back, works same as command line.
The commands could be separate jar files, or integrated with the main
package, up to the developer. I personally like keeping them outside
the main code, just specify the class path in the config file, and let
the SITE cmd load it.
The SITE cmd uses two maps, the normal one that it uses now, and then a
user map that has the add-on commands. It looks in one map then the
other, taking into account a user may actually over-ride an existing
SITE command.
Not sure what is the best way to get this code introduced? Maybe just
post it somewhere and reference it?
Andy
Niklas Gustavsson wrote:
> On Fri, Aug 22, 2008 at 1:31 PM, Loureiro, Gil <gi...@logica.com> wrote:
>> I've seen that the SITE CHMOD command is not supported, that in the case of
>> my application is Ok because user should never change permission.
>
> The reason for it not being supported is that Java does not currently
> allow setting file permissions. There are some third-party libs that
> could be investigated for this, but they will be dependent on the OS
> so I'm a bit reluctant. Also, the upcoming new file API does allow for
> setting file permissions, hopefully coming in Java 7.
>
>> But, if I create a new dir, from both fs or ftp, the permissions are always
>> rw for the owner, is it possible to set the default permission for a certain
>> user?
>
> No, not at the moment. Patches welcome of course :-)
>
> /niklas
>
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
Re: File/Dir permissions
Posted by Andy Thomson <a1...@gmail.com>.
Niklas,
I had proposed a change a while back to allow for new SITE commands. I
have added quite a few using it: CHMOD, UTIME, DUAL [provides MD5 & SHA1
hashes on a file or all files in a directory], and some custom ones
specific to my needs.
Maybe it can posted/added as an "extra" for people that would want the
ability to add custom SITE commands? I would supply the ones above and
a generic template on how to do it.
One of the key tasks is to detect the OS platform the service is running
one and call the appropriate OS command shell & command. There was a
good article about 7-8 years ago on this, not much has changed from the
JVM perspective [sad].
Here is a snippet from the code:
String osName = System.getProperty("os.name");
String[] cmd = new String[3];
if (osName.equals("Windows 95")) {
cmd[0] = "command.com";
cmd[1] = "/C";
cmd[2] = cmdline;
} else if (osName.contains("Windows")) {
cmd[0] = "cmd.exe";
cmd[1] = "/C";
cmd[2] = cmdline;
} else if (osName.equals("Linux")) {
cmd[0] = "sh";
cmd[1] = "-c";
cmd[2] = cmdline;
}
Runtime rt = Runtime.getRuntime();
// run the command
Process proc = rt.exec(cmd);
The "cmdline" is a string that holds the actual command and it's
parameters: "/bin/chmod 755 somefile". All error messages are passed
back, works same as command line.
The commands could be separate jar files, or integrated with the main
package, up to the developer. I personally like keeping them outside
the main code, just specify the class path in the config file, and let
the SITE cmd load it.
The SITE cmd uses two maps, the normal one that it uses now, and then a
user map that has the add-on commands. It looks in one map then the
other, taking into account a user may actually over-ride an existing
SITE command.
Not sure what is the best way to get this code introduced? Maybe just
post it somewhere and reference it?
Andy
Niklas Gustavsson wrote:
> On Fri, Aug 22, 2008 at 1:31 PM, Loureiro, Gil <gi...@logica.com> wrote:
>> I've seen that the SITE CHMOD command is not supported, that in the case of
>> my application is Ok because user should never change permission.
>
> The reason for it not being supported is that Java does not currently
> allow setting file permissions. There are some third-party libs that
> could be investigated for this, but they will be dependent on the OS
> so I'm a bit reluctant. Also, the upcoming new file API does allow for
> setting file permissions, hopefully coming in Java 7.
>
>> But, if I create a new dir, from both fs or ftp, the permissions are always
>> rw for the owner, is it possible to set the default permission for a certain
>> user?
>
> No, not at the moment. Patches welcome of course :-)
>
> /niklas
>
Re: File/Dir permissions
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Fri, Aug 22, 2008 at 1:31 PM, Loureiro, Gil <gi...@logica.com> wrote:
> I've seen that the SITE CHMOD command is not supported, that in the case of
> my application is Ok because user should never change permission.
The reason for it not being supported is that Java does not currently
allow setting file permissions. There are some third-party libs that
could be investigated for this, but they will be dependent on the OS
so I'm a bit reluctant. Also, the upcoming new file API does allow for
setting file permissions, hopefully coming in Java 7.
> But, if I create a new dir, from both fs or ftp, the permissions are always
> rw for the owner, is it possible to set the default permission for a certain
> user?
No, not at the moment. Patches welcome of course :-)
/niklas