HPE Community
Operating System - HP-UX
1833948 Members
1683 Online
110063 Solutions
New Discussion

Re: How to create a read-only userid

 
frederick hannah
Super Advisor

‎10-06-2008 11:49 AM

‎10-06-2008 11:49 AM

How to create a read-only userid

I would like to create a userid with RO ability
to files owned by other userids. Is that possible? I am using 11.11.
0 Kudos
5 REPLIES 5
OldSchool
Honored Contributor

‎10-06-2008 11:56 AM

‎10-06-2008 11:56 AM

Re: How to create a read-only userid

the ability to read/write/execute files, in a standard unix environment are attributes of the files themselves, not a given id. i.e. you can "allow others" to read a file, write it, execute it or any combination thereof.

acls might be a way to do this, but I've not messed with them in years, so my memory is foggy on this.

the short answer is "no".
0 Kudos
Tim Nelson
Honored Contributor

‎10-06-2008 11:59 AM

‎10-06-2008 11:59 AM

Re: How to create a read-only userid

File access is determined by each individual file's permissions. read,write,execute for ower, group and other.

If you can guarentee (key word here) that each and every file provides ONLY read access for "other" than you are good to go.

Best of luck.

There may be other solutions to lock specific users into a specific directory with restricted shell or ftp but these typically are faultly on the difficulty of setup and the all the required acesses.

I suspect that some audit or manager is asking for this. The best security is to not supply any type of access at all.

0 Kudos
frederick hannah
Super Advisor

‎10-06-2008 12:29 PM

‎10-06-2008 12:29 PM

Re: How to create a read-only userid

I take it a "find" command combined with chmod for the specific user-owned files is the best option?
0 Kudos
Tim Nelson
Honored Contributor

‎10-06-2008 12:45 PM

‎10-06-2008 12:45 PM

Re: How to create a read-only userid

Only if you are absolutely sure that it will not break anything. I would not be so sure !!!

Some log files or other application files may require write perms for all, are you willing to run the risk at simply guessing which processes/application will work or not work after you execute this ??

I do not disagree with securing the system but you will need to research and test every change.



0 Kudos
frederick hannah
Super Advisor

‎10-06-2008 12:49 PM

‎10-06-2008 12:49 PM

Re: How to create a read-only userid

Touche. Thanks for the info.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.