| View previous topic :: View next topic |
| Author |
Message |
Johnyp
Guru
Joined: 23 Mar 2005
Posts: 301
|
 Posted: Tue Apr 19, 2005 8:24 pm Post subject: Managing linux permissions -need a good read. |
 |
|
Hey all
Ok, i'm having hard times figuring out how to make certain things work with linux permissions since they are not ACL based. I need a solid article on how Linus permissions should be managed in mutliuser environment. My main problem is figuring out how to handle users with various groups and not create security holes.
Anyone got a link to a decent read on the issue?
_________________
Gentoo Unanswered Questions- Give it a try! |
|
| Back to top |
|
 |
zieloo
Veteran
Joined: 28 Mar 2004
Posts: 1337
|
| Posted: Tue Apr 19, 2005 8:27 pm Post subject: |
|
|
google is your friend.
Read the security guide on gentoo.org, too. |
|
| Back to top |
|
|
Johnyp
Guru
Joined: 23 Mar 2005
Posts: 301
|
| Posted: Tue Apr 19, 2005 8:42 pm Post subject: |
|
|
Google IS my friend, but if someone has a good doc or a link to an article - maybe they will want to share. After all - the more information - the better.
Reading gentoo guide 
_________________
Gentoo Unanswered Questions- Give it a try! |
|
| Back to top |
|
|
Bojan
Tux's lil' helper
Joined: 18 Oct 2004
Posts: 145
Location: € Matrix
|
|
| Back to top |
|
|
zieloo
Veteran
Joined: 28 Mar 2004
Posts: 1337
|
|
| Back to top |
|
|
Johnyp
Guru
Joined: 23 Mar 2005
Posts: 301
|
| Posted: Tue Apr 19, 2005 10:26 pm Post subject: |
|
|
zieloo
Bojan
I know how to set permissions on files. I've also read the Gentoo security guide you gave link to.
What i wonder, is what's the best way of aranging users in groups for various tasks and what sort of security implications are assosiated with those setups.
For example - correct me if i'm wrong but, by in linux user has only 1 primary group and can be a member of other groups. However, to gain the access control of any "other group", the user must change the group manually by issuing a command. So, while user is listed in many groups - only one "group permission" is active at any single point in time.
Also, from what i see - groups can not be nested (i hope this is not the case, but it looks this way right now).
_________________
Gentoo Unanswered Questions- Give it a try! |
|
| Back to top |
|
|
justanothergentoofanatic
Guru
Joined: 29 Feb 2004
Posts: 337
|
| Posted: Thu Apr 21, 2005 6:13 am Post subject: |
|
|
| Quote: | | However, to gain the access control of any "other group", the user must change the group manually by issuing a command. |
Users can access any file without manually changing groups. However, they will need to perform chgroup if they want to change the default group owner of newly created files.
| Quote: | | Also, from what i see - groups can not be nested (i hope this is not the case, but it looks this way right now). |
It's true -- groups aren't recursive and they can't inherit anything from other groups.
What is it that you're trying to accomplish?
-Mike |
|
| Back to top |
|
|
|
Networking & Security
