Hello, > HomeDir is hardcoded C:\TEMP. In order to test Windows security try the following: 1) Create a new user Group "FTP-Users" 2) Right-click Drive C: | Properties | Security-Settings 3) Add group FTP-Users deny "Full Access" 4) Go to C:\Temp, Properties | Security-Settings Set proper NTFS rights to Group FTP-Users (break inheritance, copy inherited rights) 5) Create a new user make her a member of Group "FTP-Users" only.
Now, until 4) all is fine. But how do we break the inheritance. It does not let me edit the permissions for C.\Temp and subs... Just disabled checkboxes! Regards, SZ On 5/14/07, Arno Garrels <[EMAIL PROTECTED]> wrote: > > Fastream Technologies wrote: > > Hello Arno, > > > > Just found time... Sorry. I have an idea, to reduce the "NTLM context > > switches", > > It is the user security context that is switched. Currently > LogOnUser API is called once on login at the application level. > > > why don't we increase the buffer size from 1460 bytes to > > 8KB? > > That's what I did with my copy and speed increased ~30%! I think > > obeying Ethernet buffer size is less important than obeying Winsock > > buffer size and making it larger for less context switches. > > Increasing component read/write buffer was enough, since context switches > currently happen on file system access only. I haven't noted a performance > decrease so far. > > > > > BTW, in my Vista Biz, I am unable to find a way to create a new user > > group--does the groups exist on Vista? > > It's the same as in XP Pro > (Administrative Tools |Computer Management | Local Users and Groups). > > > My XP Home laptop is in > > repair...sorry once again. > > AFAIK the Home edition doesn't provide an option to set NTFS rights > as required by default. > > -- > Arno Garrels [TeamICS] > http://www.overbyte.be/eng/overbyte/teamics.html > > > > > > Best Regards, > > > > SZ > > > > > > On 5/13/07, Arno Garrels <[EMAIL PROTECTED]> wrote: > >> > >> Fastream Technologies wrote: > >>> Not yet. Having personal problems these days.. :(( > >> > >> I uploaded a new version with some common improvements > >> and fixes. There's a new option to hide the physical > >> path, see Menu | Options. > >> > >> http://www.duodata.de/misc/delphi/OverbyteIcsFtpServ.zip > >> > >> HomeDir is hardcoded C:\TEMP. > >> In order to test Windows security try the following: > >> 1) Create a new user Group "FTP-Users" > >> 2) Right-click Drive C: | Properties | Security-Settings > >> 3) Add group FTP-Users deny "Full Access" > >> 4) Go to C:\Temp, Properties | Security-Settings > >> Set proper NTFS rights to Group FTP-Users (break inheritance, > >> copy inherited rights) > >> 5) Create a new user make her a member of Group "FTP-Users" only. > >> > >> Make sure the server process runs in an account with sufficent > >> permissions. Since the FtpSrv demo is not Vista-compatible > >> please try on a different NT-OS or turn off virtualization > >> as well as UAC or try to run the demo As Administrator. > >> > >> BTW: Even disk quotas work (I tested in XP). > >> > >> -- > >> Arno Garrels [TeamICS] > >> http://www.overbyte.be/eng/overbyte/teamics.html > >> > >> > >>> > >>> On 5/11/07, Arno Garrels <[EMAIL PROTECTED]> wrote: > >>>> > >>>> Fastream Technologies wrote: > >>>>> Hello Arno, > >>>>> > >>>>> I use Windows Vista Business. I went to the control panel and > >>>>> created what's called a "limited" user. Now that user can go into > >>>>> C:\Windows and list file/folder listings when logged in with your > >>>>> server demo. Is this normal? > >>>> > >>>> SZ, > >>>> > >>>> Any progress in testing? > >>>> > >>>> -- > >>>> Arno Garrels [TeamICS] > >>>> http://www.overbyte.be/eng/overbyte/teamics.html > >>>> > >>>> > >>>> > >>>>> Regards, > >>>>> > >>>>> SZ > >>>>> > >>>>> > >>>>> On 5/10/07, Arno Garrels <[EMAIL PROTECTED]> wrote: > >>>>>> > >>>>>>> Perhaps you can code the NTLM into ICS FTP Server demo? Believe > >>>>>>> me there is DEMAND for it! Fastream offers you $200 for the > >>>>>>> task to be completed in 10 days plus we can help you test. I > >>>>>>> know $200 is not much for a German company but this code could > >>>>>>> be used by many people so it's well spent effort (remember we > >>>>>>> will donate the demo). > >>>>>> > >>>>>> OK, some money is always welcome :-) I uploaded the result for > >>>>>> testing (binary only): > >>>>>> > >>>>>> http://www.duodata.de/misc/delphi/OverbyteIcsFtpServ.zip > >>>>>> > >>>>>> It might be slower than the original v6 demo since security > >>>>>> context is switched very frequently, please check whether it's > >>>>>> too slow. Note that currently CWD works for directory names with > >>>>>> length <= 3 as well as with current HomeDir (Angus can you tell > >>>>>> us why?). PWD also always succeeds. It's possible to upload a > >>>>>> zero-size file even if the user has only read access (file is > >>>>>> not written). My solution impersonates user's Windows security > >>>>>> context upon filesystem access, all events however are triggered > >>>>>> in the the context of server's process, it may be usefull to > >>>>>> switch to user's context in some events as well, but that was > >>>>>> fine tuning and should be discussed here. > >>>>>> > >>>>>> BTW: I changed/fixed the STOU command, can somebody please test? > >>>>>> > >>>>>> -- > >>>>>> Arno Garrels [TeamICS] > >>>>>> http://www.overbyte.be/eng/overbyte/teamics.html > >>>>>> > >>>>>> > >>>>>> > >>>>>> -- > >>>>>> To unsubscribe or change your settings for TWSocket mailing list > >>>>>> please goto http://www.elists.org/mailman/listinfo/twsocket > >>>>>> Visit our website at http://www.overbyte.be > >>>> -- > >>>> To unsubscribe or change your settings for TWSocket mailing list > >>>> please goto http://www.elists.org/mailman/listinfo/twsocket > >>>> Visit our website at http://www.overbyte.be > >> -- > >> To unsubscribe or change your settings for TWSocket mailing list > >> please goto http://www.elists.org/mailman/listinfo/twsocket > >> Visit our website at http://www.overbyte.be > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be > -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
