HPE Community
Operating System - HP-UX
1856388 Members
16727 Online
104112 Solutions
New Discussion

Re: Create a user with limited access

 
SOLVED
Go to solution
Tom Gore
Regular Advisor

‎03-23-2004 02:05 AM

‎03-23-2004 02:05 AM

Create a user with limited access

I am having a problem creating a user with limited access. I created a new group and added a user to the new group. My problem is that this user can delete directories that I do not want them to have access to.

Example:
The user is TOM, the group is MINE
directory looks like this:
drwxrwx--- 2 root sys 96 Mar 23 8:00 test

The user TOM can delete the above directory. I do not understand how this is happening. Let me also add that we are -not- set up as a trusted system (they did not wnat to take this approach when the system was created). What am I missing? The group MINE is not part of any other group and the user TOM only exists in the group MINE.

Thanks,
Tom
0 Kudos
Reply
2 REPLIES 2
A. Clay Stephenson
Acclaimed Contributor

‎03-23-2004 02:11 AM

‎03-23-2004 02:11 AM

Solution

Re: Create a user with limited access

You need to look at the permissions of the directory above the "test" directory. You can also set the "sticky" (octal 1000) bit on a directory so that only the owner of a file may delete them in that directory. One approach that you might look into to give you finer control is ACL's. Man setacl, getacl for details.
If it ain't broke, I can fix that.
Reply
Tom Gore
Regular Advisor

‎03-23-2004 02:22 AM

‎03-23-2004 02:22 AM

Re: Create a user with limited access

Thanks, I "forgot" about the higher level security. But that brings to mind another question. I want this user to be able to copy files into the "parent" directory, but not have update access to any other members in the "parent" directory. If I change the permission on the parent directory (770) will this prevent the user the abilty to copy to the directory? I think the answer is "YES".
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.