I can use find to check more evident conditions
I am thinking in terms of ignoring link files, and not worrying about the owner of files that have the GID bit set. [ these two scenarios I know ]
Are there any other scenarios that are less evident but should be considered for this kind of generic script? One example is checking for broken link files!
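An added example (not part of the original post) of the kind of generic check discussed above, written as a POSIX shell function around find. It skips symbolic links and setgid entries in the owner check and reports broken links separately; the function name `audit_owner` and the `OWNER`/`BROKEN` output labels are assumptions made for the example.

```shell
#!/bin/sh
# Added example; audit_owner and the OWNER/BROKEN labels are hypothetical names.
# usage: audit_owner DIR UID
#   OWNER <path>   entry not owned by UID (symlinks and setgid entries skipped)
#   BROKEN <path>  symbolic link whose target cannot be resolved
audit_owner() {
    dir=$1
    uid=$2
    # find does not follow symlinks by default, so -type l matches the link
    # itself. A link's owner says nothing about its target, and chown leaves
    # links unchanged unless -h is given, so links are excluded from the check.
    # -perm -2000 matches the set-group-ID bit; those entries are skipped too.
    find "$dir" ! -type l ! -perm -2000 ! -user "$uid" \
        -exec printf 'OWNER %s\n' {} \;
    # test -e follows the link, so it fails when the target cannot be resolved.
    find "$dir" -type l ! -exec test -e {} \; \
        -exec printf 'BROKEN %s\n' {} \;
}
```

Passing a numeric UID avoids a find error when the expected account name does not exist on the host being audited.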
I am starting an audit of unix security within our company and am looking for any information that may assist me with this. I am looking for any tips or pointers that I should be aware of when looking at unix. I am very new to unix so any help will do. Maybe there is someone out there that has had... (3 Replies)
Hello,
What does the following mean in terms of file permissions?
-rw-rwSrw- 1 owner group 999 May 25 2004 file_name
What does the "S" stand for?
Thanks in advance for your input. :) (3 Replies)
I work for a big company and all the people within my unit share a common drive to save documents to. I am listed in the group (AMS group) that has access rights to folders within this drive, but I'm trying to restrict access to a confidential folder so that only I can access it.
When I set the... (0 Replies)
Hello,
If you are interested in security, check out this new directory of unix and linux related software tools.
Security - Links
If you have any of your favorite tools, feel free to add them to the directory. (0 Replies)
Introduction
I have seen some misinformation regarding Unix file permissions. I will try to set the record straight. Take a look at this example of some output from ls:
$ ls -ld /usr/bin /usr/bin/cat
drwxrwxr-x 3 root bin 8704 Sep 23 2004 /usr/bin
-r-xr-xr-x 1 bin bin ... (6 Replies)
Hi Team,
I want to set permissions on one folder in such a way that the user can write files or create folders inside it but should not be able to delete it.
Basically the reason behind this is that I am using Pidgin Messenger. There is a directory of logs in which, when the user chats, it stores his logs.... (2 Replies)
Discussion started by: paragnehete
2 Replies
chown
CHOWN(8) BSD System Manager's Manual CHOWN(8)
NAME
chown -- change file owner and group
SYNOPSIS
chown [-fhv] [-R [-H | -L | -P]] owner[:group] file ...
chown [-fhv] [-R [-H | -L | -P]] :group file ...
DESCRIPTION
The chown utility changes the user ID and/or the group ID of the specified files. Symbolic links named by arguments are silently left
unchanged unless -h is used.
The options are as follows:
-H If the -R option is specified, symbolic links on the command line are followed. (Symbolic links encountered in the tree traversal
are not followed.)
-L If the -R option is specified, all symbolic links are followed.
-P If the -R option is specified, no symbolic links are followed. This is the default.
-R Change the user ID and/or the group ID for the file hierarchies rooted in the files instead of just the files themselves.
-f Don't report any failure to change file owner or group, nor modify the exit status to reflect such failures.
-h If the file is a symbolic link, change the user ID and/or the group ID of the link itself.
-v Cause chown to be verbose, showing files as the owner is modified.
The -H, -L and -P options are ignored unless the -R option is specified. In addition, these options override each other and the command's
actions are determined by the last one specified.
The owner and group operands are both optional, however, one must be specified. If the group operand is specified, it must be preceded by a
colon (``:'') character.
The owner may be either a numeric user ID or a user name. If a user name is also a numeric user ID, the operand is used as a user name. The
group may be either a numeric group ID or a group name. If a group name is also a numeric group ID, the operand is used as a group name.
The ownership of a file may only be altered by a super-user for obvious security reasons.
DIAGNOSTICS
The chown utility exits 0 on success, and >0 if an error occurs.
COMPATIBILITY
Previous versions of the chown utility used the dot (``.'') character to distinguish the group name. This has been changed to be a colon
(``:'') character so that user and group names may contain the dot character.
On previous versions of this system, symbolic links did not have owners.
The -v option is non-standard and its use in scripts is not recommended.
SEE ALSO
chgrp(1), find(1), chown(2), fts(3), symlink(7)
STANDARDS
The chown utility is expected to be IEEE Std 1003.2 (``POSIX.2'') compliant.
HISTORY
A chown utility appeared in Version 1 AT&T UNIX.
BSD March 31, 1994 BSD