Re: Negative permissions WITHOUT ACLs
- From: Barry Margolin <barmar@xxxxxxxxxxxx>
- Date: Wed, 11 Oct 2006 23:38:09 -0400
In article <1160572724.150078.47390@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
"Starfish" <frel8817@xxxxxxxxxxxxx> wrote:
Hello, if someone can answer this question you make a lot of Uppsala
University students happy.
Here goes: How do you specify negative permission¹ in Unix/Linux
without using ACLs?
¹E.g. saying that the user "Ellen" should not have write access to a
file regardless of the permissions given to her groups.
Make ellen the owner of the file, and omit the write permission from the
owner, i.e.
chown ellen filename
chmod o-w filename
However, a problem with this is that since ellen is the owner, she can
change the permissions and give herself write permissions. So this is
really only useful as a safety net, or in restricted environments where
users don't have access to the chmod command (e.g. it can be useful on
FTP servers -- you can create an anonymous upload directory where the
anonymous userid doesn't have any permissions to the files they've
created).
--
Barry Margolin, barmar@xxxxxxxxxxxx
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
.
- References:
- Negative permissions WITHOUT ACLs
- From: Starfish
- Negative permissions WITHOUT ACLs
- Prev by Date: Re: Dlink.com.sg intrusion with worm??
- Next by Date: Re: Dlink.com.sg intrusion with worm??
- Previous by thread: Re: Negative permissions WITHOUT ACLs
- Next by thread: Re: Negative permissions WITHOUT ACLs
- Index(es):
Relevant Pages
|
