Just a suggestion. Why not have TWO directories? (a) WRITE ONLY - anyone can send files to it - normally named: INCOMING (b) READ ONLY - anyone can read any file Just in case, you can (probably should) monitor what is added to (a), then copy it over to (b) ONLY after it is checked. Having (a) which only you can look at (you might allow the contents to be displayed, but I would not recommend it) provides much better security. I also suggest that for any file larger that 10 MB, an MD5 checksum also be sent so you can verify the large file was sent correctly. I thought of doing this, but it requires manual intervention, delays etc. so I decided to go with the on directory approach, with the expectation that people on HECnet are reasonably responsible. If there is a huge amount of abuse / corrupted files I'll rethink the strategy. Thanks for the tip though.