topic Create a user with limited access in Operating System - HP-UX

Create a user with limited access

Tom Gore — Tue, 23 Mar 2004 10:05:55 GMT

I am having a problem creating a user with limited access. I created a new group and added a user to the new group. My problem is that this user can delete directories that I do not want them to have access to.

Example:
The user is TOM, the group is MINE
directory looks like this:
drwxrwx--- 2 root sys 96 Mar 23 8:00 test

The user TOM can delete the above directory. I do not understand how this is happening. Let me also add that we are -not- set up as a trusted system (they did not wnat to take this approach when the system was created). What am I missing? The group MINE is not part of any other group and the user TOM only exists in the group MINE.

Thanks,
Tom

Re: Create a user with limited access

A. Clay Stephenson — Tue, 23 Mar 2004 10:11:19 GMT

You need to look at the permissions of the directory above the "test" directory. You can also set the "sticky" (octal 1000) bit on a directory so that only the owner of a file may delete them in that directory. One approach that you might look into to give you finer control is ACL's. Man setacl, getacl for details.

Re: Create a user with limited access

Tom Gore — Tue, 23 Mar 2004 10:22:32 GMT

Thanks, I "forgot" about the higher level security. But that brings to mind another question. I want this user to be able to copy files into the "parent" directory, but not have update access to any other members in the "parent" directory. If I change the permission on the parent directory (770) will this prevent the user the abilty to copy to the directory? I think the answer is "YES".