I can distinguish groups of people that can read my FTP and group of people that can write my FTP

- I setup a group of readers
- I setup a group of writers
- When I'm a writer I can create/update/delete files and directories in my dedicated spaces (verify that I can remove files of other writers too)
- When I'm a reader I can read files in the dedicated space, I can browse the directories below too.
- When I'm neither a reader or a writer, I cannot access (neither top directory nor directory below)

=> This is a security/permission feature, please be careful in implementation and tests
=> This requires linux ACL (see technical details below)

Works (same way) on both centos5 (need to be enabled in fstab) and centos6 (by default)
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-acls.html

Few commands:
chmod -R u+s,g+s,o-rwx /var/lib/tuleap/secure_ftp/gpig1
chown -R dummy:gpig /var/lib/tuleap/secure_ftp/gpig1

#
getfacl /var/lib/tuleap/secure_ftp/gpig1

# setfacl -R -m g:gpig_writers:rwx,g:gpig_readers:rx /var/lib/tuleap/secure_ftp/gpig1

Things to check what:
- what mode means (-x m:...) and what is the impact
- what default means and what is the impact

# Allowing directory traversal without reading it
chown codendiadm:codendiadm /var/lib/tuleap/secure_ftp
chmod 751 /var/lib/tuleap/secure_ftp