[tclug-list] FTP Server

[Smith, Craig A]

florin wrote:

>But overall I say the web application will be more user friendly and
easier to deploy.
>The end-users don't need to install and update any client application.

Cheers to that!

When the questioner gives the end-users a url and password to download
the files he's posted, he can also mentioned he's saving $200/yr using a
self-singed cert, so they can expect a warning their browser does not
recognize the certificate authority.

But perhaps the end-users also need to upload files?  

In that case, I think it's more secure to go with a mature ftpd
solution, like vsftpd (dare I even suggest an up-to-date and carefully
configured wu-ftpd?).  I think there's too much potential for abuse
using a form and cgi script to upload content from the web.  Also, since
the questioner presumably will already be using ftp to upload files, it
may make sense to use ftp to manage a shared directory.  The answer may
boil down to separate upload and download folders with different file
permissions.  You can edit the ftp server's config file to set the
umask.  End-users can use the free FileZilla ftp client.