On Wed, Nov 23, 2016 at 2:06 PM, Chris Cook <[email protected]> wrote:
> As far as I know, I think you are going to be out of luck there. Every > major file transfer protocol that I know of requires read privileges to > even list the file/directory when the storage heap/mount is queried. > > There are some weird file storage protocols out there that can > expose/parse a file/directory name but prevent it from being accessed but > these protocol settings are usually made at the storage adapter level. > > This is based on my experiences - there maybe someone else that knows > something a little easier to implement... > > With Guacamole acting as the intermediary between the remote desktop and the user, it does have to intentionally service each upload or download, so selectively refusing to service download requests is possible. That said ... just because it can be done (perhaps even easily so) doesn't mean it *should* be done. Marko, can you describe why you need to allow file uploads but deny downloads? What your use case for such restrictions? - Mike
