Require a login and password for writing in the FileZilla server, but not in the reading

Question

I'm working on a android application that writes, in some parts, in a FileZilla server. In my code, I provide the login and password for the FileZilla so that the client could send some pictures and videos to it.

The client later on needs to read the FTP content (Display it), but for that purpose, he needs to enter the login and password, which I can't provide him otherwise he could write whatever he wants in my server.

Is there any way to require a login and password for writing in the FTP server, but not in the reading ??

Answer 1

You can setup two accounts on the server. One with read-only access, and one with write access. Provide the client with password to read-only account. Or you can allow even anonymous read-only access to the server.

EDIT: Also, be aware that it would not be a problem for a hacker to retrieve the hard-coded password from your Android application binary. Make sure you restrict the area, where the account can write to, ideally to a single folder only. You should also set disk quota for the account, so that the hacker cannot fill your server's disk. And you should definitelly monitor the writable folder for an unusual activity.