1830898 Members
2903 Online
110017 Solutions
New Discussion

file permission

 
SOLVED
Go to solution
peterchu
Super Advisor

file permission

In our office , there are three system administrators know the root password, now I have a file/directoy that is very important and must not be removed , I want to prevent another two administrators will remove this file/directory ( intentionally or accidentally ) , can I add a personal password to it ( only I know this password ) so that they can't remove even use the root password , or could suggest other solution ? thx
6 REPLIES 6
Cheryl Griffin
Honored Contributor
Solution

Re: file permission

Having root access is an all or nothing situation.

You either can access everything by having root password, or nothing owned by root without the password.

There is no second level of passwording.

I'd suggest changing root password and giving them restricted sam access or using sudo.
"Downtime is a Crime."
Sunil Sharma_1
Honored Contributor

Re: file permission

Noway friend.

Once you have root password means you have everything. No one can stop you deleting anything.

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
Cheryl Griffin
Honored Contributor

Re: file permission

sudo can be found at
http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.7p5/
"Downtime is a Crime."
MarkSyder
Honored Contributor

Re: file permission

Does this file ever change?

If not, copy it to tape and keep the tape in a place where it is instantly accessible to you but no one else. Alternatively, ftp the file to your PC and keep it there in case it is ever needed (ftping the file back is probably going to be quicker than restoring it from tape).

Mark Syder (like the drink but spelt different)
The triumph of evil requires only that good men do nothing
RAC_1
Honored Contributor

Re: file permission

No way to do that. Root can do anything. There is no use in setting any permissions on this file. If your concern is, other should not be able to read this file, then
you can encrypt the file.

crypt < input_file > out_put.crypt
This would ask for a a key. Then remove the input_file. Also tremember the key that you used.

To decrypt the file

crypt < out_put.crypt > file
this would ask for key and then decrypt.

Anil
There is no substitute to HARDWORK
Muthukumar_5
Honored Contributor

Re: file permission

We can not do with separate passwd on unix when two others are root.

Eventhogth you encrypt / configure sudo, other's can intentionally remove the encrypt file directly / change the configuration there.

we can avoid removing files accidentally by creating special directory on some known locations and it must be known by other two.
( 600 root root /spl-dir/ )

And other way is to take backup of the special file / directory or making nfs setup to your own machine ( which can not be accessible by other two there ).
Easy to suggest when don't know about the problem!