Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Permissions on a directory in /home for all users
Top Forums UNIX for Advanced & Expert Users Permissions on a directory in /home for all users Post 302921852 by Don Cragun on Monday 20th of October 2014 02:30:49 PM
Old 10-20-2014
And you have now set it up so that no user on your system has any private files; every file that they create in any directory on your system will be readable and writeable by every other user in the same group. Fortunately, I use the Korn shell instead of bash, so this wouldn't affect me.

Before you modified everybody'a .bashrc, did you at least warn them that they need to undo what you did or manually chmod every file that they create in any other directory?

Did you consider just asking users in this group to chmod files they create under this shared directory.

Did you consider writing a set-UID application that would allow users in that group to change the mode of any file under that directory (AND ONLY under that direcotry) to something any user in the group could use (and send a note to the offending file's creator and that person's supervisor) when it was needed?

At any company I've ever worked for, what you did would be a fireable offense. Please reconsider this action.
This User Gave Thanks to Don Cragun For This Post:
MadeInGermany
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Restrict users to ther home directory

Hello! I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above. Does anyone know how to do this? Anders (1 Reply)
Discussion started by: alfabetman
1 Replies

2. UNIX for Dummies Questions & Answers

Reset Home Directory Permissions

I accidently reset the permissions of my /home/punkrockguy318 directory to root only. How can I get my punkrockguy318 permissions ( and all of it's contents) to be read/write accesable only to punkrockguy318 and root? (5 Replies)
Discussion started by: punkrockguy318
5 Replies

3. UNIX for Dummies Questions & Answers

Profiles for users without home directory

Hi I want to know which profile will be called when a user without home directory is created. When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions. Thanks naina (3 Replies)
Discussion started by: naina
3 Replies

4. UNIX for Dummies Questions & Answers

Can I prevent a user from changing the permissions on their home directory.

Hello All, I have a new HPUX system going into production and it will be used by 2 projects. One of the contract requirements is the 2 groups can not have access to the others work or data. I believe I have the system pretty well locked up using groups and permissions and selective mounting of... (2 Replies)
Discussion started by: DanL
2 Replies

5. UNIX for Dummies Questions & Answers

Home Directory Jail for Users

Hi, I am looking for a shell script (or any other way), that puts a user in a home directory jail. So for example, I have a user named richard and I don't want him wandering outside /usr/users/richard. I don't want him to cd to anywhere including cd .. Somebody said you can do that with... (3 Replies)
Discussion started by: mz043
3 Replies

6. UNIX for Dummies Questions & Answers

lost /home/directory for users

I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing. The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
Discussion started by: blizzgamer
5 Replies

7. UNIX for Advanced & Expert Users

Home Directory Permissions

My users home directory located in a RHEL 5.0 nfs server. Client is ubuntu 8.1 using NIS for authntication anf NFS for automounting home Directory on the client side. I set 700 to the users home directory. My problem here is some of the users change the mode, which result in leak of... (2 Replies)
Discussion started by: a_artha
2 Replies

8. Solaris

Common Home directory for different users??

Hi Guys, I have a problem with configuring a server. this is a solaris 10 with sparc platform. I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display. I have over 200 users... (2 Replies)
Discussion started by: Luky
2 Replies

9. UNIX for Advanced & Expert Users

about the access permission of users home directory

RHEL5.0 As we know, when root create a new user, a new home directory will be created : /home/user I want to know what determine the access permission of /home/user . Thanks! (1 Reply)
Discussion started by: cqlouis
1 Replies

10. Red Hat

SSH lock users to the Home Directory

Hi friends, I must to give ssh connection to own customer. So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user. I am waitting your kindly helps :D ---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies

LEARN ABOUT ULTRIX

chmod

chmod(1)						      General Commands Manual							  chmod(1)

Name
       chmod - change file mode

Syntax
       chmod [ -fR ] mode file...

Description
       Permissions on files are set according to mode and file parameters.

       For file, you can specify either a full or partial path.  You can specify multiple files, separated by spaces.

       For mode, you specify one of two variants: absolute mode or symbolic mode.

   Absolute Mode
       For mode in absolute form, you specify an octal number constructed from the sum of one or more of the following values:

	      4000	set user ID on execution (applies to executable files only)
	      2000	set group ID on execution (applies to executable files only)
	      1000	set sticky bit (see for more information)
	      0400	read by owner
	      0200	write by owner
	      0100	execute, or search if file is a directory, by owner
	      0040	read by group
	      0020	write by group
	      0010	execute, or search if file is a directory, by group
	      0004	read by others
	      0002	write by others
	      0001	execute, or search if file is a directory, by others

       For  example, the absolute mode value that provides read, write, and execute permission to owner, read and execute permission to group, and
       read and execute permission to others is 755 (400+200+100+40+10+4+1).  The absolute mode value that provides read, write, and execute  per-
       mission to owner and no permission to group or others is 700 (400+200+100).

   Symbolic Mode
       To specify mode in symbolic form, use the following format:

	      [who] op permission [op permission] ...  Spaces are included in the preceding format so that you can read the arguments; however, as
	      will be shown in examples that follow, you do not enter spaces between mode arguments.

       Specify who using the letters u (for owner), g (for group) and o (for others) either alone or in combination.  You  can	also  specify  the
       letter  a (for all), which is is equivalent to the letter combination ugo.  If you omit the who parameter, a is assumed.  For more informa-
       tion, see

       For the op parameter, specify the plus sign (+) to add permission to the file's mode, the minus sign (-)  to  remove  permission  from  the
       file's  mode,  or the equal sign (=) to assign permission absolutely (denying or revoking any permission not explicitly specified following
       the equal sign).  The first command in the following example provides group with execute permission for in addition to  any  other  permis-
       sions group currently has for The second command limits the permission that group has for to execute alone:
       chmod g+x filea
       chmod g=x fileb

       For  the  permission  parameter,  specify any combination of the letters r (read), w (write), x (execute), s (set owner or group id), and t
       (save text - sticky).  Alternatively, you can specify the letter u, g, or o to set permission for the who parameter to be the same  as  the
       permission  currently granted to the user category indicated by the letter.  In the following example, the group (g) is given the same per-
       missions on as currently granted to owner (u):
       chmod g=u filea

       You can revoke all permissions by specifying the who argument followed by =, and omitting the permission argument.  For example,  the  fol-
       lowing command removes all permissions from others for
       chmod o= fileb

       When  specifying  more than one symbolic mode for file, separate the modes with commas. The mode changes are applied in the sequence speci-
       fied.  In the following example, write permission is added to the permissions already granted to the owner of and group is then granted the
       same permissions on as granted the owner:
       chmod u+w,g=u filea

Options
       -f   Inhibits display of errors that are returned if fails to change the mode on a file.

       -R   Causes  to	recursively descend any directories subordinate to file and to set the specified mode for each file encountered.  However,
	    when symbolic links are encountered, does not change the mode of the link file and does not traverse  the  path  associated  with  the
	    link.  Note that the option is useful only when file identifies a directory that is not empty.

Restrictions
       The permission letter s is used only with who letter u or g.

       Only the owner of a file  or someone logged on as superuser may change the mode of that file.

Examples
       Using  absolute	mode,  provide	read,  write, and search permission to the owner, and read and search permission to others for a directory
       named
       chmod 755 ~harris/public

       Using absolute mode, set the UID for execution to be the UID of of the file owner rather than the UID of the user running  the  program	as
       follows:
       chmod 4000 progrmb

       Using symbolic mode, perform the same operation as described for the preceding example:
       chmod u=s progrmb

       Using symbolic mode, deny write permission to others for the file
       chmod o-w ourspec

       Using symbolic mode, give execute permission on file to all user categories:
       chmod +x myprog

       Using symbolic mode, give write permission to all group members, deny write permission to others, and give search permission to owner on
       chmod g+w,o-r,u+x docdir

       Using  symbolic	mode, give read and execute permissions to others for a directory named and then recursively descend the paths subordinate
       to adding the  same permissions for others on all files and directories included in the subordinate paths:
       chmod -R o+rx programs
       In the preceding example, if were the name of a file rather than a directory, would change the mode only of the file.

See Also
       ls(1), chmod(2), stat(2), umask(2), chown(8)

																	  chmod(1)
All times are GMT -4. The time now is 05:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy