I completely agree with you. In fact this is the
reason I have hardcoded user and group names in our
FileObject implementations. May be one thing we can do
is to add few methods like changeOwner() and
changeGroup() in FileObject interface. It will return
true if success. So the current implementations will
return false. If the user wants to use a new file
system manager which will use JNI, these methods can
be overwritten.

What do you think?

Rana Bhattacharyya

--- Sergey Vladimirov <[EMAIL PROTECTED]> wrote:

> Hi, Dave, Franz,
> I'm not sure is it possible to implement that
> commands in Java. The simplest
> solution will be to call system chmod commands,
> depends on system OS. But it
> is not 100% pure Java.
> 2006/1/11, Dave Roberts
> >
> > It was 11/01/2006 06:45, when Franz Stumpner
> wrote:
> >
> > > I'm using Apache FTP on Debian Sarge Linux,
> after I transferred files to
> > > the FTP Server the owner of the file is always
> root:root and readable
> > > for owner and group.
> >
> > You should carefully consider the security
> implications of allowing
> > such a command.  If your files are uploaded as
> root, then you don't
> > want remote users setting the setuid and execute
> bits.  Apologies if
> > this is obvious to you.
> >
> --
> Sergey Vladimirov

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

Reply via email to