# Users Restrictions



## freezr (Jun 8, 2022)

Hi folks,

I skimmed a couple of time the Handbook and I haven't found any specific case for this.
I would like to share my Capsule with a friend of mine giving to him an sftp access to his Capsule folder, however I would like to put in action some restrictions regarding which kind of files are allowed (or forbid), maximum size allowed for any files, quotas (this is easy) etc...

I know with Samba you can put in action all these restrictions but I have not idea how you can do the same with FreeBSD and OpenSSH, and if you can really do something like that...

Is there any specific documentation that I missed or I should take a look again?

Thanks!

F.


----------



## SirDice (Jun 8, 2022)

There's no way to restrict the _kind_ of file being transferred, no. A file is a file, there's not much else to it. It can contain anything. Maximum file size however should be possible but you may need to use a more feature rich (S)FTP service instead of the builtin one.


----------



## freezr (Jun 9, 2022)

SirDice

Thank you sir, I see...

However there are web services to upload content that check for file extensions and also for metadata so you can't import a zip file with a jpg extensions, these can put a limit on the weight of the file.

I have been always thinking that such control was a standard behavior for the majority of the OS out there.

Where, based on your experience, could I find more information regarding my concerning?

Thanks again!


----------



## rafael_grether (Jun 10, 2022)

freezr, if you want to use SFTP/SCP to transfer files, I think there is no way. A file (as a packet) is transferred, without any restrictions about file type.

But if you want to restrict file type upload (and/or other criteria), I may suggest you to create a Web Server, and create some CGI script that put this file in a temporary directory, and check the metadata (I suggest you to use graphics/p5-Image-ExifTool - I'm the maintainer, by the way xD ) to decide whether to move this file to a permanent directory or delete the file.
But I don't know if it is the best solution...probably not.


----------



## bakul (Jun 10, 2022)

freezr said:


> I would like to share my Capsule with a friend of mine giving to him an sftp access to his Capsule folder, however I would like to put in action some restrictions regarding which kind of files are allowed (or forbid), maximum size allowed for any files, quotas (this is easy) etc...


Probably not the answer you want but a 9p or FUSE fileserver would be able to do this. Basically user code will be run on every file operation (open, close, read, write, etc). so you can make it do whatever you want. But someone will have to write it for you....


----------



## freezr (Jun 11, 2022)

bakul said:


> Probably not the answer you want but a 9p or FUSE fileserver would be able to do this. Basically user code will be run on every file operation (open, close, read, write, etc). so you can make it do whatever you want. But someone will have to write it for you....


Actually a couple friends of mine have been working on such 9p implementation...



			home | kamid


----------

