Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: marcHerf
marcHerf Author
User level: Level 1
0 points

mac access to webpage's server - no write privileges

hope you may help me with the issue as describe in the following -

any support is highly appreciated!


--------------------------------------------------------------------------------

--------------------------------------------------------------------------------

PROBLEM


…. mac based access to webpage's server

does not allow for writing files


-------------------------------------------------

a .txt file loaded* by a webpage

continuously** updating the w-pager's values

can not be overwritten via ftp access***

when accessed by a mac****


it works perfect when offline

(a serial server provides the updates -

it overwrites the .txt file on a regular base)



* via javascript


** every 10 seconds


*** i tried several server protocols, acommand line script,

symlink, syncronising


**** macbook pro and IMac, Mac OsX 10.68



-------------------------------------------------

http://support.apple.com/kb/TA21175


"read only" error message


File Transfer Protocol (FTP) server volumes

available in the Finder

have read-only access, even when the FTP server is set to allow you write access.




--------------------------------------------------------------------------------
------------------------------------------------------------------------------- -

GOAL


access external server

with "read/write" privileges


-------------------------------------------------

… if there is any opportunity:

via apple's "go" / "connect to server"

an alias/symlink or direct access of the .txt file




--------------------------------------------------------------------------------

--------------------------------------------------------------------------------

TRIES / WON'T WORK


the following wont' work:




- changing all main/subdirectories' files' privileges

to "0775" and even "0777"


(everybody can read/write/execute the files online)


---> read-only access when trying to overwrite the .txt file





- trying different protocols


ftp://myLog:myPass@mySiteUrl.com/mySubdirectory

---> read-only access


afp://myPage.de/subdirectory

---> error message … check the server name or IP address ...


smb://myLog:myPass@mySiteUrl.com/mySubdirectory

---> error message … check the server name or IP address ...


http://myLog:myPass@www.mySiteUrl.com/mySubdirectory

http://myLog:myPass@mySiteUrl.com/mySubdirectory

---> error message … was not found on this server ...




- mac command line mac scripts



ftp "mySiteUrl.com"

myLog

myPass

cd /mySubdirectory/file.txt


---> error message … "550 Permission denied."…




- "symlink"


---> automatically converts to a textfile,

hence looses connection to source .txt file




- "sync" directories


does only work once, not continiously

Mac OS X (10.5.7)

Posted on Jan 22, 2012 8:24 PM

Reply
Question marked as Best reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
116,637 points

Posted on Jan 23, 2012 8:54 AM

You're using ftp, so there's no point in thinking that your authentication credentials are secure. They aren't.


And since you're using ftp, there'll be issues with firewalls.


And ftp access to random parts of the file system is intentionally blocked.


In general, web servers should not be allowed write access to their directories, as that can reduce the damage from a web server breach.


As for one way to update the files, use the scp or sftp tools. Those are secure against exposing your credentials, and they can (if permitted by either protections or access control list) write to the web server directories, and scp and sftp can write pretty much anywhere a matching logged-in user can write.

View in context
5 replies
Question marked as Best reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
116,637 points

Jan 23, 2012 8:54 AM in response to marcHerf

You're using ftp, so there's no point in thinking that your authentication credentials are secure. They aren't.


And since you're using ftp, there'll be issues with firewalls.


And ftp access to random parts of the file system is intentionally blocked.


In general, web servers should not be allowed write access to their directories, as that can reduce the damage from a web server breach.


As for one way to update the files, use the scp or sftp tools. Those are secure against exposing your credentials, and they can (if permitted by either protections or access control list) write to the web server directories, and scp and sftp can write pretty much anywhere a matching logged-in user can write.

Reply
User profile for user: marcHerf
marcHerf Author
User level: Level 1
0 points

Jan 23, 2012 1:49 PM in response to MrHoffman

thanks, mrhoffman,


for your helpful reply!


googling "scp and sftp tool" i tried "firessh", "fireftp", "cyberduck", "filezilla"

- all of them are suitable for my purposes, especially "cyberduck"

since it provides features similar to those of mac's "go"/"connect to server"

& allows for read/write access.

--->

dragging a folder from the server into a mac's sidebar via "cyberduck"

the server's files appear/become accessible as if they were saved onto a harddrive)…


some of the programs as mentioned above might be based on ftp technology

but i hope that my "little snitch" and firewall settings might keep me from being captured

Reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
116,637 points

Jan 23, 2012 2:30 PM in response to marcHerf

FWIW, various web browsers will explicitly disable the use of credentials on the ftp:// command.


Mac OS X includes scp and sftp at the command line. You've found the typical GUI tools.


While ftp and sftp share three letters, some general syntax, and a similar purpose, these tools are otherwise very different tools, using different network protocols, different security; they're completely separate implementations.


Once you get the hang of using scp and sftp, you can also move to digital certificates, as these can be used in place of (or in addition to) user-specified passwords.


scp and sftp are much easier to punch through a firewall, if it comes down to requiring that.

Reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Jan 23, 2012 2:42 PM in response to marcHerf

some of the programs as mentioned above might be based on ftp technology but i hope that my "little snitch" and firewall settings might keep me from being captured


Neither Little Snitch or your firewall will do anything to protect your FTP server. They won't stop malicious users from attempting to log in to your server. They won't prevent a malicious user from sniffing your credentials over the wire as you log in, and they won't verify that an 'authorized user' is really who they say they are (with the possible exception of a firewall rule that only allows very specific IP addresses to connect).

Reply
User profile for user: marcHerf
marcHerf Author
User level: Level 1
0 points

Jan 24, 2012 1:50 AM in response to Camelot

thanks,again, for all of your support -

you provided a lot of helpful information

(and scary facts that i have not been aware of before).


though i am not really feeling better now

(knowing my macs' data might be exposed to unauthorised access

once i customise the server's settings in an unconsidered manner)

i definitely found the information i need to proceed with my project!

Reply

mac access to webpage's server - no write privileges

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up