Link to home
Start Free TrialLog in
Avatar of rmicone
rmicone

asked on

can any linux ftp server control timestamps on the server side?

I cannot determine if it's possible to control timestamps on a linux FTP server, meaning that I just want to *disallow* the client to preserve the timestamp of the file.  I always want the time stamp of the file uploaded to be the local time that it was written to the FTP server.  I've been reading about MDMT commands and SITE UTIME, but I cannot see any clear way for any linux ftp server (pure-ftpd, proftpd, wu-ftpd, vsftpd...) to disallow client timestamp commands.  

Is this possible to control timestamp behavior server side?
Is this done through the OS or maybe Is this the default behavior of the FTP server?
Do I have to resort to trying to run 'touch' on every file as it gets written?

I'm open to almost any solution within reason, the server currently runs pure-ftpd but if this is easier or possible on another ftp server then I can move to that.

Thanks!
Avatar of noci
noci

Ever thought about using a webserver with a file upload facility (using CGI form) then you are in control.
only the stuff you allow in the CGI can be done.

Should not be too hard to setup, authentication can be done by the www-server, security can be achieved through ssl (https:).
present a form with a 'file' field and a upload (=send) button. In the CGI write the data to a filename of choice and never tough it again.

This should even enhance the security of things as the passwords are now send in clear text across the network.
In vsftpd you have configuration option "mdmt_write":
http://vsftpd.beasts.org/vsftpd_conf.html

Avatar of rmicone

ASKER

@noci
Yes ideally that's how I would probably do it to, but I am just doing contract work as linux admin, they have a couple programmers who choose the technology of the upload process, right now they are sticking with ftp (most people are using ie 6 to upload if you can believe it).  I will suggest this if we hit a wall with this timestamp issue.

@Blaz
I actually tried this and the server would not start, perhaps my version is too old and/or it doesn't support that option... maybe i need to try and upgrade to the most recent vsftpd... this is a Fedora 3 box :P
Security is no consideration?
The transferred data is then essentially public data....???
so any body should be able to do anything to the data?
Avatar of rmicone

ASKER

Security is a consideration of course, users login with credentials sent via the browser or ftp client, and there's an explicit TLS FTP server too, it's more of the fact that we're trying to prevent unintentional file backdating or something along those lines.  I think if I went to them and said they should only offer web upload via forms, they would probably tell me that they still need to ability of some of their clients to use plain old FTP...

anyways, right now I'm messing around with MDMT_WRITE=NO (it didn't work the first time I tried it, but I have an older version of vsftpd)... so I will post back the results as soon as I can.

Again thanks for your help and ideas... in theory you are correct, that's the best way to control permissions
Also keep in mind that they can upload a new file too... thus forward dating a file. There is a hint to a solution..., they might be able to create a file, but after transfer they should be disowned. Then they cannot adjust the file in any way.

Using the famd/gamin server you can get a notice when a change to a file/directory happens. And then take immediate action.
ASKER CERTIFIED SOLUTION
Avatar of rmicone
rmicone

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial