File System, Security, FTP and code access

Can anyone point me to a coherent description of how the Net/OS security works, where user names and passwords are set, where they are used and so on?

My immediate problem is that within my code I want to be able to read a file uploaded via FTP into the Flash file system. At the moment I’m using fopen() and so on - I don’t need the relative complexity of the Net/OS file handler. The errors I get appear to be security-related.

Any suggestions?

Check out System Access in the API Reference

Yes, I’d found that. I guess what I’m really after is the ‘chapter’ to which that was the summary.

I’ve managed to sort the immediate problem, based on snippets I picked up on from various places, but definitely left with this feeling that I’m missing something.

For example

  • is the ‘system security database’ volatile or non-volatile?
  • is NASYSACC_LEVEL_RW a totally separate permission to the individual file groups?

The users are volatile and need to be re-added on startup. By default there’s a stored ‘root’ and ‘admin’ user. See the devBoardParamsType structure in boardParams.h and see where they’re added in netosStartup in bsproot.c. You can store/retrieve additional users from the free space in NVRAM.

From the notes below Security Levels in the Reference API:


NASYSACC_LEVEL_R or NASYSACC_LEVEL_RW must be set to have access on FTP server and TELNET.
NASYSACC_LEVEL_RW must be set to have access on PPP.
NAHttpSetRealmSecurity() must be called to setup realm security for each NASYSACC_LEVEL_HTTP_Rn access level for HTTP server.
The read access for file system group 1 to 8 are always associated with realm 1 to 8 in the HTTP server. You must have read access in order for HTTP server to access the file system.

I guess I have the same problem as steved. But I think the hack that is proposed in the sslsvr example (to change the permissions in startfilesystem.c) seems to be a bad way to fix things. Esp. since that file is shared between projects in eclipse.

How can I control what user fopen uses when it checks the permissions ? As far as I can understand from the docs NAsetSysAccess() only changes the database ?