Operating System - HP-UX
1827457 Members
5254 Online
109965 Solutions
New Discussion

Read only user creation in HP UX box

 
Kauser
Advisor

Read only user creation in HP UX box

Dear Engineer,

 

Is there any way around to create read only user in HP UX B.11.31 box who can browse directories (specific or all) having only read only priviledge. Please advise.

With Best Regards,

Kauser

3 REPLIES 3
MK_J
HPE Pro

Re: Read only user creation in HP UX box

Hello Kauser,

You can't create a user account with read only access and it is true for all flavours of Unix.
Note that a newly created user has write access to his home directory while the user can only read or list contents in other directories. The user will not have write or run permission on other directories unless he has been added to a group having write/run permission on those directories.

If you have a more specific requirement please log a case with HPE Support Center.

Regards,

 



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
Steven Schweda
Honored Contributor

Re: Read only user creation in HP UX box

> Is there any way around to create read only user [...]

   What, exactly, does "read only user" mean to you?  Are you talking
about an FTP client, or what?  What, exactly, should this user be able
to do and not do?

Bill Hassell
Honored Contributor

Re: Read only user creation in HP UX box

Since there are thousands of files on an HP-UX system, many writable by any user (as they should be), there is no way to turn off 100% write capability.

One choice is to create a restricted user account where the user is unable to leave their login directory. It is a bit complicated and will make it difficult to access anything beyond the local directory.

A second choice is to create shell script for the login that has only selected commands.

Or if the user is untrustworthy or untrained, give them a login on a Blackberry with no cell service...



Bill Hassell, sysadmin