|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| UNIX for Dummies Questions & Answers If you're not sure where to post a UNIX or Linux question, post it here. All UNIX and Linux newbies welcome !! |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Setting up FTP access to my Tomcat Dir | boarderstu | UNIX for Dummies Questions & Answers | 4 | 07-28-2007 05:43 AM |
| FTP Restriction | mduweik | SUN Solaris | 0 | 02-28-2006 08:38 AM |
| Restriction to User | gelbvonn | Filesystems, Disks and Memory | 5 | 09-10-2004 12:39 PM |
| sendmail 8.9 file size restriction | dtooth71 | UNIX for Dummies Questions & Answers | 1 | 07-31-2003 09:07 AM |
| Restriction for more than one user | kayode | Shell Programming and Scripting | 7 | 03-28-2003 08:04 AM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Display Modes |
|
#1
07-27-2007
|
|||
|
|||
|
setting file access restriction
is there a way to "lock" an entire directory to where it currently resides for securtiy purposes? only certain users can access these data, however i want to prevent the possibility of transferring/duplicating the data to where other unauthorized users can access it. Any one who knows a good solution for this? Thanks a lot!
|
| Forum Sponsor | ||
|
|
|
#2
07-27-2007
|
||||
|
||||
|
I doubt if you could do that. Any user that can read a file can also copy it to some other location. For that matter, the user can even run 'cat' on a file, copy and paste the information in a txt file on his/her desktop, send the file out via mail.
It basically works out to only allowing trusted users to access sensitive data, and then trusting those users to not leak that data to anyone else.
|
|
#4
07-28-2007
|
||||
|
||||
|
To block a certain directory for restricted access
This is general guidence, brain-storming.
1-Information are not text (images?). 2-Block the directory for only certain users. 3-Prevent users who have access to this data, from moving this data somewhere else. step 1& 2 are possible, step 3 is impossible just like blowtorch said. You have to do hardware restrictions, network security control, namely VLAN and access-lists, plus-like blowtorch discribed- social engineering but for step 1 & 2 (P.S. this is basic UNIX knowledge, deep apologies if you know it already) 1st;make a new user group, say it's name is 'secureGrp' [root@localhost /root]#groupadd secureGrp [root@localhost /root]#vim /etc/groups your group should appear in the bottom, something like secureGrp::x:500: 2nd; add users to this group after the last colon, seperated by commas (in Linux & BSD) secureGrp::x:500:OwnerOfSecureDir,secureUser1,secureUser2,secureUser3 save file and exit 3rd; change the directory permissions (say that it is in /home/secureDir/) to : owner=OwnerOfSecureDir, group=secureGrp, owner can read&write, group can read, others none. [root@localhost /root]#chmod -R 640 /home/secureDir [root@localhost /root]#chown -R OwnerOfSecureDir /home/SecureDir the -R is for recursive of everything in the directory (risking blame for posting a tutorial  )
|
|
#5
07-29-2007
|
|||
|
|||
|
hi sadistic_anger, thank you for the detailed post. I didnt have any problem setting the user and group permission for the data, and what I did was exactly what you described.
> You have to do hardware restrictions, network security control, namely VLAN and access-lists, plus-like blowtorch discribed- social engineering ok another department takes care of this-- thanks a lot!!! 
|
|||
| Google The UNIX and Linux Forums |
Tetris Champion!
Linear Mode
