3.3 Protecting and Sharing FilesUNIX makes it easy for users to share files and directories. Controlling exactly who has access takes some explaining, though - more explaining than we can do here. So here's a cookbook set of instructions. If you have critical security needs or you just want more information, see the references in Appendix A, Reading List . 3.3.1 Directory Access PermissionsA directory's access permissions help to control access to the files in it. These affect the overall ability to use files and subdirectories in the directory. (Once you have access to a directory, the ability to read or modify the contents of specific files is controlled by the file access permissions; see the second of the following two lists.) In the commands below, replace dirname with the directory's pathname. An easy way to change permissions on the working directory is by using its relative pathname, . (dot), as in "chmod 755 . ".
Remember, to access a directory, a user must also have execute
( 3.3.2 File Access PermissionsThe access permissions on a file control what can be done to the file's contents . The access permissions on the directory where the file is kept control whether the file can be renamed or removed.
3.3.3 More Protection Under LinuxMost Linux systems have a command that gives you more choices on file and directory protection: chattr . chattr is being developed, and your version may not have all of the features that it will have in later versions of Linux. For instance, chattr can make a Linux file append-only (so it can't be overwritten, only added to); compressed (to save disk space automatically); immutable (so it can't be changed at all); undeletable , and more. Check your online documentation (type man chattr - see Chapter 7 ) or ask your system administrator for advice on your system. 3.3.3.1 Problem checklist
|
|