HPE Community
Operating System - HP-UX
1833315 Members
3023 Online
110051 Solutions
New Discussion

secure files

 
SOLVED
Go to solution
jerry1
Super Advisor

‎10-30-2006 06:17 AM

‎10-30-2006 06:17 AM

secure files

Is there a way with samba or other CIFS or
straigt unix directories to seucre files
to not be deleted but can still be modified?

I know you can't on unix within unix shell.
But I thought you could do something within
samba for PC shares.
0 Kudos
Reply
3 REPLIES 3
Geoff Wild
Honored Contributor

‎10-30-2006 06:28 AM

‎10-30-2006 06:28 AM

Solution

Re: secure files

No - you can not secure files that way - even if you could you would have write access (if person can modify) and there would be no way to stop that person from emtying that file and saving it - it would be 0 bytes - not usefull at all.

Either limit access to those files and have good backups or only allow root to modify.

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
Reply
Bill Hassell
Honored Contributor

‎10-30-2006 08:27 AM

‎10-30-2006 08:27 AM

Re: secure files

Now if the rules are: modify but not remove, then yes, Unix provides this feature. There are two permissions for every file: permission for the content (data) and permission for the existence (create or remove). You can set the permissions independently. For the file, write permission only protects the data. But for existence, the directory's write permission controls whether any file in the directory can be removed (or created).


Bill Hassell, sysadmin
Reply
James R. Ferguson
Acclaimed Contributor

‎10-30-2006 09:19 AM

‎10-30-2006 09:19 AM

Re: secure files

Hi Jerry:

To add to Bill's comments. If you set the 'sticky' bit on a *directory* then users can only remove files from the directory if they have explicit write permisssion to the file to be removed. This is particulary useful with shared directories, like '/var/tmp'. See the manpages for 'chmod' for further information.

Regards!

...JRF...
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.