A new layer of fine-grained access controls which sits on top of the standard UNIX filesystem access controls was introduced starting with NcFTPd 2.8.0.
|R||ReadAll||Intended to include all file read permission type operations; currently only includes r.|
|r||FileRead||Controls whether a file can be downloaded.|
|W||WriteAll||Includes all file write permission type operations, the m, a, and c options, and also includes the other filesystem-modifying operations d, n, M, D, t, o, and l.|
|w||FileWrite||Includes all file write permission type operations, the m, a, and c options.|
|m||Modify||Controls whether an existing file can be uploaded into or overwritten.|
|a||Append||Controls whether a file can be appended to with uploaded data.|
|c||Create||Controls whether new files can be added.|
|d||Delete||Controls whether existing files can be deleted.|
|n||Rename||Controls whether existing files or directories can be renamed.|
|L||List||Controls whether directory listings are allowed.|
|C||Chdir||Controls whether changing the current working directory is allowed. It is recommended that a user always have this permission so that their FTP client programs work correctly.|
|M||Mkdir||Controls whether new directories can be created.|
|D||Rmdir||Controls whether existing directories can be deleted.|
|t||Utime||Controls whether existing files or directories can have their modification timestamp changed using a SITE UTIME command. Note: a user always has permission to set the timestamp of the last file the user successfully uploaded in the same login session.|
|u||Umask||Controls whether users are allowed to change their umask using a SITE UMASK command.|
|o||Chmod||Controls whether the standard UNIX filesystem permission bits can be changed with chmod via a SITE CHMOD command.|
|l||Symlink||Controls whether new symbolic links can be created using a SITE SYMLINK command.|
|*||All||Includes all options. Useful for situations where you want to remove all permissions and add back just a few. For example the user permissions string
Extended User Permissions were introduced because system administrators needed more control than NcFTPd's existing configurable options (such as
A user permissions string (UPS) is simply a list of the one letter option codes, preceded by a one-character modifier. The modifiers are "-", which disables a permission, and "+", which enables a permission. A simple UPS which removes read permission would be "-r".
User permissions strings can contain multiple operations. A UPS which removes Write permission but adds back Rename permission would be "-W +n". A UPS that removes all permissions but adds back FileRead, List, and Chdir permissions would be "-* +rCL".
There are three primary places where you would use a user permissions string: as part of a user class with the
Any of those three places can apply a user permissions string to change the permissions attributes for the remote user. For example, if the user matched a restricted group and
Remember that the file ownerships, group memberships, and permission bits on files still apply. NcFTPd's Extended User Permissions are intended to be used so you can deny permission irrespective of the UNIX access controls.
For example, if a NcFTPd user was configured by you with a UPS of
The important thing to realize is that enabling a permission using extended user permissions does not ignore the underlying UNIX filesystem. For example, if a user has a UPS of
|-W||A "read-only" user (created by removing WriteAll).|
|-R||A "write-only" user (created by removing ReadAll).|
|-RW +c||An "add-new-files-only" user.|
|-RW +cnM||An "add-new-files-only" user that can rename items and create new directories.|
|-* +CL||A "browse-only" user that cannot transfer files, but can navigate the filesystem.|