Unix Permissions

Author: G.D.Thurman
Date:  
Subject: Unix Permissions
On Tue, 23 Jul 2002, Scott wrote:

> Use ACLs. We do it all the time at work. Works like a charm.
>

I have no experience with ACLs, but based upon
a quick review of http://acl.bestbits.at/
I can see a non-trivial learning curve ahead
of me.

Using standard Unix permissions, I don't know
how the task can be implemented.

Reminder of the task at hand:

You have a file that needs to be protected from prying eyes.
You must allow only 5 people read access, and 4 people
read/write access. The rest of the world cannot be allowed
to view it. What set of Unix permissions and ownership can
support this?

Here is an example that does *not* work.

Lognames are: dmr, bs, ken, bwk, ark
Groupnames are: guru1, guru2
Filename is: foo

all users belong to group guru1
assume ark cannot write the file
assign dmr, bs, ken, bwk to group guru2

prompt: chown ark:guru2 foo   # owner is  ark  and group is  guru2
prompt: chmod 460 foo         # r--rw----


This does not work because the owner of a file
can write it. If ark was a 'vi' user, then
to write the file he has to do a :w! rather
than :w (and 'vi' tells him this).
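
A small model of the classic owner/group/other check applied to the setup in this message, added here as an example and not part of the original post: mode 460 denies ark write access by its bits, yet ark, as owner, can change the mode back. The `File` class, the helper functions and the outsider `mallory` are assumptions made for illustration.

```python
import stat

# Constructed model of the post's setup; logins and groups are taken from the post.
GROUPS = {"guru1": {"dmr", "bs", "ken", "bwk", "ark"},
          "guru2": {"dmr", "bs", "ken", "bwk"}}


class File:
    def __init__(self, owner, group, mode):
        self.owner, self.group, self.mode = owner, group, mode


def allowed(user, f, want):
    """Classic Unix check: only the FIRST matching class is consulted
    (owner, then group, then other). want is 'r' or 'w'."""
    if user == f.owner:
        bits = (stat.S_IRUSR, stat.S_IWUSR)
    elif user in GROUPS.get(f.group, set()):
        bits = (stat.S_IRGRP, stat.S_IWGRP)
    else:
        bits = (stat.S_IROTH, stat.S_IWOTH)
    return bool(f.mode & bits["rw".index(want)])


def chmod(user, f, mode):
    """Only the owner may change the mode (root is not modelled here)."""
    if user != f.owner:
        raise PermissionError(f"{user} does not own the file")
    f.mode = mode


def access_table(f, users):
    """Map each user to an 'rw'-style string of what the mode bits grant."""
    return {u: "".join(c if allowed(u, f, c) else "-" for c in "rw")
            for u in users}


# mallory is a hypothetical user outside both groups.
USERS = ["dmr", "bs", "ken", "bwk", "ark", "mallory"]

if __name__ == "__main__":
    foo = File("ark", "guru2", 0o460)           # chown ark:guru2 foo; chmod 460 foo
    print(access_table(foo, USERS))             # ark is read-only by the mode bits
    chmod("ark", foo, foo.mode | stat.S_IWUSR)  # the owner restores u+w for himself
    print(access_table(foo, USERS))             # ark now has write access as well
```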