HPE Community
Operating System - HP-UX
1833717 Members
2057 Online
110063 Solutions
New Discussion

file permission

 
SOLVED
Go to solution
peterchu
Super Advisor

‎09-20-2004 11:57 PM

‎09-20-2004 11:57 PM

file permission

In our office , there are three system administrators know the root password, now I have a file/directoy that is very important and must not be removed , I want to prevent another two administrators will remove this file/directory ( intentionally or accidentally ) , can I add a personal password to it ( only I know this password ) so that they can't remove even use the root password , or could suggest other solution ? thx
0 Kudos
Reply
6 REPLIES 6
Cheryl Griffin
Honored Contributor

‎09-21-2004 12:00 AM

‎09-21-2004 12:00 AM

Solution

Re: file permission

Having root access is an all or nothing situation.

You either can access everything by having root password, or nothing owned by root without the password.

There is no second level of passwording.

I'd suggest changing root password and giving them restricted sam access or using sudo.
"Downtime is a Crime."
Reply
Sunil Sharma_1
Honored Contributor

‎09-21-2004 12:02 AM

‎09-21-2004 12:02 AM

Re: file permission

Noway friend.

Once you have root password means you have everything. No one can stop you deleting anything.

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
Reply
Cheryl Griffin
Honored Contributor

‎09-21-2004 12:02 AM

‎09-21-2004 12:02 AM

Re: file permission

sudo can be found at
http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.7p5/
"Downtime is a Crime."
0 Kudos
Reply
MarkSyder
Honored Contributor

‎09-21-2004 12:13 AM

‎09-21-2004 12:13 AM

Re: file permission

Does this file ever change?

If not, copy it to tape and keep the tape in a place where it is instantly accessible to you but no one else. Alternatively, ftp the file to your PC and keep it there in case it is ever needed (ftping the file back is probably going to be quicker than restoring it from tape).

Mark Syder (like the drink but spelt different)
The triumph of evil requires only that good men do nothing
Reply
RAC_1
Honored Contributor

‎09-21-2004 12:14 AM

‎09-21-2004 12:14 AM

Re: file permission

No way to do that. Root can do anything. There is no use in setting any permissions on this file. If your concern is, other should not be able to read this file, then
you can encrypt the file.

crypt < input_file > out_put.crypt
This would ask for a a key. Then remove the input_file. Also tremember the key that you used.

To decrypt the file

crypt < out_put.crypt > file
this would ask for key and then decrypt.

Anil
There is no substitute to HARDWORK
Reply
Muthukumar_5
Honored Contributor

‎09-21-2004 01:18 AM

‎09-21-2004 01:18 AM

Re: file permission

We can not do with separate passwd on unix when two others are root.

Eventhogth you encrypt / configure sudo, other's can intentionally remove the encrypt file directly / change the configuration there.

we can avoid removing files accidentally by creating special directory on some known locations and it must be known by other two.
( 600 root root /spl-dir/ )

And other way is to take backup of the special file / directory or making nfs setup to your own machine ( which can not be accessible by other two there ).
Easy to suggest when don't know about the problem!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.