From: Chuck Swiger
Date: Mon, 07 May 2012 12:45:54 -0700
To: Paul Halliday
Cc: questions@freebsd.org
Subject: Re: Write only directory.

On May 7, 2012, at 11:38 AM, Paul Halliday wrote:
> Is it possible to let a user write to a directory but not access the
> file after they write it?
>
> The file is being transferred via scp and after the transfer I don't
> want them to be able to re-fetch or even get a directory listing.

A directory with 0300 / 0330 umask permissions will prevent directory listing, but if they know the filename, they can still read from it as a necessary consequence of being able to write to it (think of appending data).

It sounds like you are trying to implement the SFTP equivalent of an FTP incoming upload dropbox, so the comments in "man ftpd" might be helpful. However, it might be easier to set up a cron job every minute which moves any files in the dropbox location to some other place for review and processing, which will prevent read access as well as making directory listings moot. (People offering anonymous FTP incoming tend to do this, even if their ftpd offers support for blocking read access for anonymous users, etc...)

Regards,
--
-Chuck
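
The cron-driven sweep suggested in the message above, written out as an added example that is not part of the original message. The function name `sweep_dropbox`, the paths in the crontab comment and the two-minute age threshold are assumptions; it also assumes the review directory is mode 0700 and on the same filesystem as the dropbox.

```sh
#!/bin/sh
# Added example (not from the original message). Paths, the function name
# and the age threshold are assumptions.
# Hypothetical root crontab entry, run every minute:
#   * * * * * /usr/local/sbin/sweep-dropbox.sh /home/upload/incoming /var/spool/review

# sweep_dropbox SRC DST [MIN_AGE_MINUTES]
# Moves settled regular files from SRC into DST and prints how many moved.
# DST should be mode 0700 and on the same filesystem as SRC, so that mv
# is an atomic rename rather than a copy.
sweep_dropbox() {
    src=$1; dst=$2; age=${3:-2}
    [ -d "$src" ] && [ -d "$dst" ] || return 1
    moved=0
    # Globbing (including dotfiles) copes with any uploader-chosen name.
    for f in "$src"/* "$src"/.[!.]* "$src"/..?*; do
        # Regular files only; never follow a symlink planted by an uploader.
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        # scp writes straight to the final name, so skip anything modified
        # within the last $age minutes: it may still be in transfer.
        [ -n "$(find "$f" -mmin "+$age")" ] || continue
        # mktemp chooses the destination name, so an uploaded name cannot
        # overwrite an earlier upload or collide with anything in DST.
        target=$(mktemp "$dst/upload.XXXXXX") || return 1
        if mv -f -- "$f" "$target"; then
            moved=$((moved + 1))
        else
            rm -f -- "$target"    # move failed: drop the unused placeholder
        fi
    done
    echo "$moved"
}

# Run the sweep when invoked as a script with SRC and DST arguments.
if [ "$#" -ge 2 ]; then
    sweep_dropbox "$@"
fi
```

The age check is what keeps a transfer that is still running from being moved half-written; raise the threshold if uploads over slow links can stall for longer than that.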