Hi All,
I plan to use the vsftpd FTP damon in Ubuntu Linux server running my
rails website. My website needs automatically create new FTP accounts
everytime a new registration occurs.
I have done basic homework of googling and search this forum and cannot
find any sugestion or good examples. Can someone please give me some
idea on what steps I need to program (rails code example)?
I am new to Linux / rails world. Thanks.
Regards,
JB
That’s easy, simply make a system call within your Rails app using
backticks, and pass the command to create new ftp accounts. You MUST
make sure the passed is safe and has been sanitized.
Does anybody else get the heebie-jeebies at the thought of running a web
app under a user account w/perms enough to create FTP users? 
Have you considered other methods for empowering your users to move
files back & forth to your server (e.g., attachment_fu)? If that would
suit, you’ll probably wind up w/a more secure app…
Cheers,
-Roy
Agreed. Giving Rails any FTP privileges beyond read is a disaster
waiting to
happen. Go with something that will allow Rails to handle file transfer
on
it’s own.
JB, take a look at Boxroom. http://boxroom.rubyforge.org/ This is what I
use
for sharing files between clients and friends. I run it as it’s own
application, but with a little tinkering you can integrate it into
whatever
you’re doing.
Jb Li wrote:
I concern about possible the security issues with FTP, but most security
cameras (I know of) has FTP feature.
If you do end up using FTP for this you might want to check your devices
to see if they support Secure FTP (SFTP). At least that way the content
they would be transporting would be encrypted while traversing the
network.
You will still need to carefully consider (and probably monitor) any
automatically created FTP accounts. It might also be important to
investigate the FTP server software you use for any known security
related bugs. FTP servers are a hot target for hackers and warez bots,
as I’m sure you are aware.
Unfortunately FTP is one of those protocols invented before anyone cared
much about security.
Thank you all!
(I was distracted by another project from my angry boss, but I am still
alive and watching this forum).
I am actually resuming my project of allowing a end-user (account) to
able able to FTP-up images right from their security cameras. I don’t
mean web-cams from kids, but real security firms.
Again, I am thinking, once the user opens his or her account, an FTP
access will be automatically created as part of the account preparation.
I concern about possible the security issues with FTP, but most security
cameras (I know of) has FTP feature.
Thanks,
JB
Patrick Sullivan wrote:
Agreed. Giving Rails any FTP privileges beyond read is a disaster
waiting to
happen. Go with something that will allow Rails to handle file transfer
on
it’s own.JB, take a look at Boxroom. http://boxroom.rubyforge.org/ This is what I
use
for sharing files between clients and friends. I run it as it’s own
application, but with a little tinkering you can integrate it into
whatever
you’re doing.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs