How to determine if you can write to a directory with SFTP because of your group?

Question

Quoting How to determine if you can write to a file with SFTP because of your group? ,

You could do mode & 00002 to see if a [directory] is writable by the public and you could get a directory listing to and see if the owner of . matches the user that you logged in with (although stat doesn't usually return the longname for SFTPv3 servers, which is what you'd need to get the username from that) but what about group permissions?

In the answer to that post it was suggested that a better way to test the writeability of a file with SFTP was to actually open that file for writing. eg. something analogous to fopen('filename.ext', 'w');.

My question is... what's the best way to determine the writeability of a directory with SFTP? You can't open a directory for writing like you can a file. My best guess: just attempt to upload a temporary file in the directory in question?

Like maybe use SSH_FXF_CREAT and SSH_FXF_EXCL? Altho the possibility that the file might already exist kinda complicates things. I guess a directory listing could be obtained and then one could attempt to upload a filename that doesn't exist but, the fact that this would require read permissions not withstanding it'd also not work as well if the directory was super large.

Any ideas?

Answer 1

What about a login script which would do a touch on that directory with that user?

If sshd would be used you could use a pam_script (pam auth module to execute a script) simply to simply do a touch testing_file_creation in your directory. You would need to add into your pam sshd configuration.

If the directory would not be writable you would get a message during your login touch: testing_file_creation: Permission denied. Of course, you could do more fancy stuff with that but this would be the very basic.