[CentOS] Proper way to give rights at the file system?

Wed Feb 22 19:01:18 UTC 2006
Jeff Kinz <jkinz at kinz.org>

On Wed, Feb 22, 2006 at 01:50:36PM -0500, James Pifer wrote:
> > There really isn't.  If you're going to give the person write access to 
> > /usr you'd better really trust that person.  If you trust that person 
> > enough to do that, you might as well just allow them to have root access 
> > through sudo so you can keep track of their activities.
> Let me give a few more details. The person will have to access this
> through a portal, which will only allow access to the directories that I
> specify. The backend portal process will connect to the system using
> vsftp. So the user will not have wide open access to the system and they
> will not even know the login info. 
> So it sounds like I need to do chmod on all the files under that
> directory? 

Two points of information:

	To chmod an entire tree (everything under directory "X" and X
	itself) do :   

	chmod -R  [permissions]   X

	the "-R" causes it to do every file and directory within and
	under "X"

	This is a risky configuration.
	You probably should not do this to "/usr".  arbitrarily changing
	permission on system files WILL break your system.

	I suggest creating another directory else and letting the user(s)
	upload files to that safe place, then moving the files into your
	system yourself after they arrive. (Or have some trusted admin
	do it.

> Do files inherently inherit the rights of the directory that contains
> them? My concern is with new files that get created, even by root. If
> they are in the directory that I give access to, it's assumed the user
> can do what they want with it, as update or delete. 
> Thanks,
> James
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

Jeff Kinz, Emergent Research, Hudson, MA.
speech recognition software may have been used to create this e-mail

"The greatest dangers to liberty lurk in insidious encroachment by men
of zeal, well-meaning but without understanding." - Brandeis

To think contrary to one's era is heroism. But to speak against it is
madness. -- Eugene Ionesco