5 Replies Latest reply: Jan 24, 2012 1:50 AM by marcHerf
marcHerf Level 1 Level 1 (0 points)

hope you may help me with the issue as describe in the following -

any support is highly appreciated!

 

--------------------------------------------------------------------------------

--------------------------------------------------------------------------------

PROBLEM


 

…. mac based access to webpage's server 

does not allow for writing files


 

-------------------------------------------------

a .txt file loaded* by a webpage

continuously** updating the w-pager's values

can not be overwritten via ftp access***

when accessed by a mac****


 

it works perfect when offline

(a serial server provides the updates -

it overwrites the .txt file on a regular base)


 

 

*     via javascript

 

**   every 10 seconds

 

***  i tried several server protocols, acommand line script,

      symlink, syncronising

 

****  macbook pro and IMac, Mac OsX 10.68


 

 

-------------------------------------------------

http://support.apple.com/kb/TA21175

 

"read only" error message


 

File Transfer Protocol (FTP) server volumes

available in the Finder

have read-only access, even when the FTP server is set to allow you write access.

 

 

 

--------------------------------------------------------------------------------
------------------------------------------------------------------------------- -

GOAL


 

access external server

with "read/write" privileges


 

-------------------------------------------------

… if there is any opportunity:

via apple's "go" / "connect to server"

an alias/symlink or direct access of the .txt file

 

 

 

--------------------------------------------------------------------------------

--------------------------------------------------------------------------------

TRIES / WON'T WORK


 

the following wont' work:

 

 

 

- changing all main/subdirectories' files' privileges

  to "0775" and even "0777"

 


(everybody can read/write/execute the files online)

 

---> read-only access when trying to overwrite the .txt file

 


 

 

 

- trying different protocols

 

ftp://myLog:myPass@mySiteUrl.com/mySubdirectory

---> read-only access


 

afp://myPage.de/subdirectory

---> error message … check the server name or IP address ...


 

smb://myLog:myPass@mySiteUrl.com/mySubdirectory

---> error message … check the server name or IP address ...


 

http://myLog:myPass@www.mySiteUrl.com/mySubdirectory

http://myLog:myPass@mySiteUrl.com/mySubdirectory

---> error message … was not found on this server ...

 


 

 

- mac command line mac scripts


 

 

ftp "mySiteUrl.com"

myLog

myPass

cd /mySubdirectory/file.txt

 

---> error message … "550 Permission denied."…

 


 

 

- "symlink"

 

--->  automatically converts to a textfile,

hence looses connection to source .txt file

 

 

 

- "sync" directories


 

does only work once, not continiously


Mac OS X (10.5.7)
  • MrHoffman Level 6 Level 6 (13,305 points)

    You're using ftp, so there's no point in thinking that your authentication credentials are secure.  They aren't.

     

    And since you're using ftp, there'll be issues with firewalls.

     

    And ftp access to random parts of the file system is intentionally blocked.

     

    In general, web servers should not be allowed write access to their directories, as that can reduce the damage from a web server breach.

     

    As for one way to update the files, use the scp or sftp tools.  Those are secure against exposing your credentials, and they can (if permitted by either protections or access control list) write to the web server directories, and scp and sftp can write pretty much anywhere a matching logged-in user can write.

  • marcHerf Level 1 Level 1 (0 points)

    thanks, mrhoffman,

     

    for your helpful reply!

     

    googling "scp and sftp tool" i tried "firessh", "fireftp", "cyberduck", "filezilla"

    - all of them are suitable for my purposes, especially "cyberduck"

    since it provides features similar to those of mac's "go"/"connect to server"

    & allows for read/write access.

    --->

    dragging a folder from the server into a mac's sidebar via "cyberduck"

    the server's files appear/become accessible as if they were saved onto a harddrive)…

     

    some of the programs as mentioned above might be based on ftp technology

    but i hope that my "little snitch" and firewall settings might keep me from being captured

  • MrHoffman Level 6 Level 6 (13,305 points)

    FWIW, various web browsers will explicitly disable the use of credentials on the ftp:// command.

     

    Mac OS X includes scp and sftp at the command line.  You've found the typical GUI tools.

     

    While ftp and sftp share three letters, some general syntax, and a similar purpose, these tools are otherwise very different tools, using different network protocols, different security; they're completely separate implementations.

     

    Once you get the hang of using scp and sftp, you can also move to digital certificates, as these can be used in place of (or in addition to) user-specified passwords.

     

    scp and sftp are much easier to punch through a firewall, if it comes down to requiring that.

  • Camelot Level 8 Level 8 (46,450 points)

    some of the programs as mentioned above might be based on ftp technology but i hope that my "little snitch" and firewall settings might keep me from being captured

     

    Neither Little Snitch or your firewall will do anything to protect your FTP server. They won't stop malicious users from attempting to log in to your server. They won't prevent a malicious user from sniffing your credentials over the wire as you log in, and they won't verify that an 'authorized user' is really who they say they are (with the possible exception of a firewall rule that only allows very specific IP addresses to connect).

  • marcHerf Level 1 Level 1 (0 points)

    thanks,again, for all of your support -

    you provided a lot of helpful information

    (and scary facts that i have not been aware of before).

     

    though i am not really feeling better now

    (knowing my macs' data might be exposed to unauthorised access

    once i customise the server's settings in an unconsidered manner)

    i definitely found the information i need to proceed with my project!