Posted by: Molly
Posted on: 2007-04-30 16:19:00
I want to make a folder where a client can upload or download files. It should be password-protected and the user and password shouldn't have access to any of my other stuff, though of course I need access to it through my own login.
Is this one of those things that I can't figure out because it is too simple? Can someone point me to info on how to do this?
Posted by: rlparker
Posted on: 2007-04-30 16:30:00
In reply to:I want to make a folder where a client can upload or download files. It should be password-protected and the user and password shouldn't have access to any of my other stuff, though of course I need access to it through my own login.
Actually, your requirement that "I need to access to it through my own login" is what makes it "not so simple", given *nix style permissions on DH.
While there *are* workarounds you could experiment with, involving the creation and management of *nix style groups, they are rather complicated, non-intuitive, and a general PITA to manage for most.
That said, if you *must* use FTP in this way, the easiest and most secure way to do this is to set them up their own FTP use/space, and then when you need to access the files, you log-in as that user.
I prefer to accomplish this using CGI scripting. This allows the user to upload the files, but allow *me* to retain ownership of the files. This works especially well on DH because of DH's use of suexec, which allows CGI to tun as your user, rather than as a separate user for the webserver.
I highly recommend ffileman, which is a "free" perl-based filemanager script that is easy to install and runs well on DH. I do not recommend using PHP scripts (there are *many* out there) for this if you anticipate needing to upload files greater than 7MB on DH, due to the limits of DH default PHP installation.
This works very nicely when set up as a sub-domain (files.yourdomain.tld, or similar), though it can also be configured to only traverse "limited" branch of a standard directory tree. You can also set it up behind apache authentication as an alternate (or additional) security mechanism.
--rlparker
Posted by: Molly
Posted on: 2007-05-01 14:35:00
Thanks for your reply! I finally solved the problem, and I was right - I couldn't figure out what it was because it was too simple. Your suggestion about a subdomain did penetrate, though, and I finally figured out that each user sees a different root folder. (I didn't really need to be able to access it with my user.) All I needed to do was set up a new user, then make a subdomain and assign it to that user.
Molly
Posted by: rlparker
Posted on: 2007-05-01 15:39:00
Good deal, I'm glad you were able to get it set up to your liking! 
--rlparker