Re: Unix groups and file access

From: Birger Blixt (Birger.Blixt_at_uab.ericsson.se)
Date: 05/27/04

    Date: Thu, 27 May 2004 19:07:26 +0200
    
    

    On 2004-05-18 22:27, Kevin Collins wrote:
    > In article <g%dqc.5021$SZ4.1245@newsread2.news.pas.earthlink.net>, Alan Connor
    > wrote:
    >
    >>On Mon, 17 May 2004 20:54:07 -0400, Barry Margolin <barmar@alum.mit.edu>
    >>wrote:
    >>
    >>>
    >>>In article <3898598f.0405171539.76135729@posting.google.com>,
    >>> hsphuah@usa.com (Hon Seng Phuah) wrote:
    >>>
    >>>
    >>>>Barry Margolin <barmar@alum.mit.edu> wrote in message
    >>>>news:<barmar-F05882.00221217052004@comcast.dca.giganews.com>...
    >>>>
    >>>>>In article <3898598f.0405161747.75d5a43e@posting.google.com>,
    >>>>> hsphuah@usa.com (Hon Seng Phuah) wrote:
    >>>>>
    >>>>>
    >>>>>>Hi all.
    >>>>>>
    >>>>>>I have a simple question and hope someone can guide me. Thank
    >>>>>>you. I have a new group created, abc, and create file, test. I typed
    >>>>>>chgrp abc test and chmod 750 test.
    >>>>>>
    >>>>>>My colleague who is from group, abc, tried to read the file test, the
    >>>>>>system displayed permission deny. Why? My file stored in the directory
    >>>>>>has 755 directory permission setting.
    >>>>>>
    >>>>>>-HS Phuah
    >>>>>
    >>>>>Maybe there's an ACL on the file or directory that's more restrictive
    >>>>>than the permission modes.
    >>>
    >>>>What is ACL?
    >>>
    >>>Access Control List. This is a permission mechanism that provides finer
    >>>grained control than permission modes (you can assign permissions to
    >>>multiple users and groups). Directories can have a default ACL that is
    >>>applied to new files created there.
    >>>
    >>
    >>I searched high and low on my box, and couldn't find more than about a
    >>paragraph total on the subject of ACLs, and that in my kernel
    >>documentation.
    >>
    >>Sure was in a lot of header files and c programs, though. But they weren't
    >>commented very well.
    >>
    >>It's an "unused, reserved" field in the inode structure on ext2 (linux).
    >>
    >>
    >>My first thought was the sticky bit, but that would only prevent him from unlinking
    >>or moving the file.
    >>
    >>Be interesting to see the output of ls -l on the file and the directory.
    >
    >
    > ACLs are typically a filesystem construct, and so it really depends on the
    > particular filesystem type.
    >
    > Also, it can be hard to diagnose an ACL related problem if you are unaware that
    > ACLs are in effect, because the real permissions will not be represented in an
    > 'ls -l'...
    >
    > Kevin

    If ACLs are used, an ls -l will show -rwxr-x---+ (an extra +)

    But if this was a file and not a program, it's the wrong permission.
    Do chmod a-x test to change it to 640 to prevent someone with . in the $path from opening it as a script
    and getting nonsense responses like permission denied or something.

    /bb
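
The checks discussed in this thread (group class bits on the file, search permission on the directory, and the ACL marker that ls -l shows as "+"), as an added example that is not part of the original posts. All function names are hypothetical, the user is simulated from a uid and a set of gids, root is not modelled, and ACL detection assumes the Linux xattr name.

```python
import os
import stat

ACL_XATTR = "system.posix_acl_access"  # Linux xattr holding a POSIX access ACL

def has_acl(path):
    """True if path carries an access ACL (what the '+' in ls -l signals)."""
    try:
        return ACL_XATTR in os.listxattr(path)
    except (AttributeError, OSError):  # no xattr support on this OS/filesystem
        return False

def mode_allows(st, uid, gids, want):
    """Mode-bit check: exactly one class applies, tried as owner, group, other."""
    if uid == st.st_uid:
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7
    else:
        bits = st.st_mode & 7
    return (bits & want) == want

def explain_read(path, uid, gids, top):
    """Walk from directory top down to path for a simulated non-root user.

    Directories need search (x), the final component needs read (r).
    Returns (path, mode string, allowed by mode bits, ACL present) tuples.
    """
    path, top = os.path.realpath(path), os.path.realpath(top)
    chain = [top]
    for part in os.path.relpath(path, top).split(os.sep):
        chain.append(os.path.join(chain[-1], part))
    report = []
    for p in chain:
        st = os.stat(p)
        want = 4 if p == path else 1
        report.append((p, stat.filemode(st.st_mode),
                       mode_allows(st, uid, gids, want), has_acl(p)))
    return report

def first_denial(report):
    """First component the mode bits refuse, or None if every step passes."""
    return next((p for p, _mode, ok, _acl in report if not ok), None)

if __name__ == "__main__":
    # Constructed usage: check this script's own path for the current user.
    me = os.path.abspath(__file__)
    groups = set(os.getgroups()) | {os.getegid()}
    for row in explain_read(me, os.getuid(), groups, os.path.dirname(me)):
        print(row)
```

When the last field of a row is True, the ACL entries decide access for that component and the mode-bit verdict alone is not the full answer.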

