CentOS - Feb 2006 - Proper way to give rights at the file system?

I have a certain directory under /usr that I want to make available
through vsftp to a specific user. The easiest way to do this, I believe,
is to create a symlink from the user's home directory to this directory.
The catch is I want/need them to be able to delete/upload files as well.
Root is the group and user owner of the files. 

What is the "proper" way to give rights for this user?

Thanks,
James

James Pifer wrote:
> I have a certain directory under /usr that I want to make available
> through vsftp to a specific user. The easiest way to do this, I believe,
> is to create a symlink from the user's home directory to this
directory.
> The catch is I want/need them to be able to delete/upload files as well.
> Root is the group and user owner of the files. 
>
> What is the "proper" way to give rights for this user?
>   

There really isn't.  If you're going to give the person write access to 
/usr you'd better really trust that person.  If you trust that person 
enough to do that, you might as well just allow them to have root access 
through sudo so you can keep track of their activities.

On Wed, 2006-02-22 at 13:24 -0500, James Pifer wrote:
> I have a certain directory under /usr that I want to make available
> through vsftp to a specific user. The easiest way to do this, I believe,
> is to create a symlink from the user's home directory to this
directory.
> The catch is I want/need them to be able to delete/upload files as well.
> Root is the group and user owner of the files. 
> 
> What is the "proper" way to give rights for this user?
> 
> Thanks,
> James
> 
James,

It might be safer to put the files in the user's home directory and make
a link from within /usr.  If that can be tolerated.

Bob...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Feb 22, 2006 at 01:24:35PM -0500, James Pifer
wrote:
> I have a certain directory under /usr that I want to make available
> through vsftp to a specific user. The easiest way to do this, I believe,
> is to create a symlink from the user's home directory to this
directory.
> The catch is I want/need them to be able to delete/upload files as well.
> Root is the group and user owner of the files. 
> 
> What is the "proper" way to give rights for this user?
Okey, several others have responded, so if you are in no mood for
some redundant and, why not say, anal comments and considerations,
please ignore this one :)

1) The ideal /usr tree is the one your can keep mounted read-only. I
like to do that on all my servers.

2) FTP might not be the ideal solution for you. FTP protocol is not
safe, and easily intercepted. All login data travels in plain text

3) You REALLY should avoid doing stuff like this on /usr. For one,
it violates the FHS (maybe LSB too ?). There is no real reason
for your stuff to be on /usr in a case like that.

4) If after what everyone else commented, you still want to put
things under /usr, at least make sure your /usr/XXXXX directory
is on a separated filesystem.


And, just to be my usual anal self, mixing FTP and /usr is a 
REALLY, REALLY bad idea.

Best Regards,

- -- 
Rodrigo Barbosa <rodrigob at suespammers.org>
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFD/S0jpdyWzQ5b5ckRArcNAJwI0gdKD5JEs9hmjbj0UDBty87NNACgpqEU
knv7noNZmhcBuTUC1/44p7Q=j9Zw
-----END PGP SIGNATURE-----