Ubuntu Security :: File Access Permissions
Mar 3, 2010
I am setting up a new ubuntu server, and I am quite new to linux. This server will be used as code repository for a project I am going to be working on. I plan to setup 3 groups for users: dev, test, doc
- for various developers, testers and documentation users.
I would like to setup the following permissions on the main code repository directory:
dev - write permission
test - execute permission
doc - read permission
public (anyone outside these groups) - deny all access
I am unsure what chmod setting to use, or if this is even possible in ubuntu.
View 2 Replies
ADVERTISEMENT
Jan 25, 2011
Is anyone aware of a detailed "flow chart" -- arrows and decision diamonds, etc -- that describes the file access and permissions processing? I would love to see that diagram. Years ago on a platform far away (Digitial VAX/VMS) their manuals had such a flow chart that covered not only the user-group-owner and read-write-execute permissions decision making but also include "access control list" processing at a superficial level. If someone has access to the VAX/VMS flow chart, that might be a start toward sorting what linux does.
View 4 Replies
View Related
Jan 23, 2011
What should I do if I want to allow access to USB flash drive selectively - Say for e.g. All permissions for "root", "Read/Write" for user "A", Only "Read" for user "B" and user "C" shouldn't be able to access or mount (no permissions) the USB flash drive at all.Also I want to do it by modifying entries in some files or by some commands (so that it can be done programatically if needed)
View 5 Replies
View Related
Apr 13, 2010
Is there a way to restrict users that are logged into the shell via SSH/Telnet/SFTP from using the 'cd' command to move into certain directories, yet not use the chmod command to do it? For instance, restrict users logged in from accessing the /var/www/ folder but have it still accessible using a web browser. Also, would this defeat the purpose since they could just wget from it if its still web accessible through a browser?
View 8 Replies
View Related
Feb 5, 2010
I am setting up a samba server to operate in a windows AD domain. I want to set permissions for multiple groups to have different levels of access to one group of files, and it looks to me like unix permissions will not do that? I always hear about how robust linux is, and it seems to me that their file permissions model is WEAK compared to microsoft's?
View 2 Replies
View Related
Jul 7, 2009
i am trying to set the file permissions for the log files "/var/log/Xorg.0.log" and "/var/log/gdm/:0.log". These files seem to be created when a user logs into a whokstation (my guess so far). I am trying to comply with a security mandate that all log files in the directory /var/log are set to 0640. The two mentioned files always seem to have the permissions 0644, does anyone know where and when these filea are created and how I might set the permissions when the files are created
View 1 Replies
View Related
Mar 24, 2011
How is possible, that vim can write to file and changes his ownerchip ?
View 4 Replies
View Related
Jul 6, 2011
I know how to assign file permissions and other tasks like user to group, but I'm stuck with a situation in how I should set up my system.So I have a LAMP server set up. I'm not the only developer so I created a group called "developers" for my other users "Mike," "Alex," and "Cindy," which are developers (I'm Mike by the way). I know that "www-data" is the user and group Apache uses.This is good because only I have permission to update the production site, but for the dev site, it's a different story.
View 3 Replies
View Related
Sep 12, 2009
Is there a way to specify append only permissions for a file?
View 2 Replies
View Related
Feb 5, 2010
What do the default file permissions in ubuntu 9.10 protect/deny access to?
View 9 Replies
View Related
May 9, 2010
I have broken my MBR and can now only enter 9.10 with the ubuntu start up cd.when i boot through he ubuntu live cd.I can see my mounted drive with all my files however i do not have the permissions to open or copy some of my files( music, films, pics) . id like to do this so i can transfer all my files to an external HDD and reformat start all over again.error when trying to open files.You do not have the permissions necessary to view the contents of.
View 1 Replies
View Related
Oct 3, 2010
In Nautilus I select a directory on local NTFS volume. I'm logged in as root, right-click > Properties > Permissions and I set "Others" to "none". But it doesn't work. I want my friends & visitors to use and enjoy Ubuntu but without access to my NTFS volumes.
View 9 Replies
View Related
May 6, 2010
I have apache2 running on my computer. I want to change the permissions for /var/www/ so that I can edit the files without a problem. Right now I can use the gksudo command, but I'd like to be able to have all the files available when using an IDE like eclipse.
I've read in several places that
Code:
chmod 755 /var/www
will do, but if I'm not mistaken that would give read/write access to anyone. I'm not in a production environment, so I'm not too worried about security, but I'd like to give anyone else as less permissions as possible. Would this be possible?
View 2 Replies
View Related
Jun 26, 2011
Looking for some help writing a simple script on my dapper server. I want the script to play a short 5 second wmv sound file. So I can tell another program to run the script. What player can or should I use and how can I set permissions on the file and script so my program has access to it . Total newb here
View 2 Replies
View Related
May 14, 2010
Does anyone know why files in /boot are world-readable (particularly the initial ram disk)? I'm not an expert, but I would not expect anyone except root or a sudoer to have the ability to read these files.
View 5 Replies
View Related
Jul 23, 2009
Picture the following:On computer A, local user John (and John alone) has rwx access to file1.txtComputer B also has a local user account named John. If file1.txt was to be copied from computer A to computer B, would the user account John on computer B be able to access it?I guess this wouldn't work using two windows computers due to the User name / GUID relationship. Maybe linux has something similar?
View 4 Replies
View Related
Oct 10, 2010
I mount a partition to a directory and ls -liah tells me that everyone has read/write/execute permissions on the whole thing, but I try to save a file into the partition and I get an access denied error. First of all this doesn't make sense because ls is telling me I do have access.
Then it gets weirder. I run sudo chown -R me:me directory. The command exits without error, but then when I go and look at the directory again with ls, it still shows up as owned by root and I still have the same problem. This is particularly strange because I am still able to change permissions normally in the operating system filesystem. It just won't work on the mounted partition.
View 1 Replies
View Related
Jul 8, 2010
I own a particular file on a Linux system. I would like to give 2 groups (accounting, shipping) read access and only read access, and 3 users(Mike, Raj and Wally) write access and only write access. How can I accomplish this?
View 3 Replies
View Related
Jul 13, 2011
i have 3 shares on my samba. i have users - user, manager and boss projects is RW to everyone reference is R to everyone RW to manager and boss Proposals is RW only to boss, no access to others However when boss logs in and creates a directory in projects share, the directory can only be renamed bu users and manager, and directory contents are read only for users and managers, even deletion / rename is denied. How can i make sure that when ever boss creates a directory in projects, it retains base folder permissions and is writable to user this is my samba file... i am using red hat 6.1 with samba 3.5.6 (i think)
[Code]....
View 1 Replies
View Related
Sep 15, 2009
Having set up many windows servers with complex permissions on shared folders, I now have to do the same in Linux (and I'm such a noob to Linux) I understand that each file/folder is assigned a user + group, and that the rights can be set for the user, the group and global (aka everybody else) My challenge is this, inside my shared folder there is a folder that should be RW to some users, READ ONLY to others, and not accessible at all to the rest of the users. (lets call the folder MyFolder ) All 3 groups have more than 1 user, so they have to be groups (right?) How would this model work in Linux ? If there is no other way, I guess I can nest the MyFolder in a folder that has permissions to allow all users that may access MyFolder, and block the rest, then on MyFolder, set owner group the RW users, and set global to READ ONLY.
Ps : The server I'm setting up runs Debian Lenny, files will be accessed from windows workstations using samba.
View 2 Replies
View Related
Feb 24, 2011
However, configured a website on a dedicated server using WHM/cPanel. The site was uploaded using the master account for the website.
The security issue is public users are able to upload files on to my server via the website. They could even access the root and execute whatever they want on the server.
I have consulted with 2-3 Linux experts. According to them, the PHP user has rights to execute anything on the server or upload & store files in whichever folder they want.
Can I protect my folders to avoid file uploads via the website. The application has security vulnerabilites. However, I want to prevent hackers to enter my site until the vulnerabilities are fixed.
View 2 Replies
View Related
Nov 2, 2010
I have a remote directory shared over NFS called tech with perms set as 0750 and owner set to root:tech. I have 2 groups: tech, and techAdmin. tech can read and execute within tech/. techAdmin can read, write, execute. I have 4 users: user1, user2, user3, user4. user1 and user2 is a member of techAdmin, user3 and user4 are members of tech. simple so far...but wait here's the problem. If user1 creates a file inside tech, user2 cant read or modify it because user1 owns it. Here's a few sites that reference this problem:
[code]....
View 4 Replies
View Related
Mar 14, 2010
I've hit a wall here; I'm attempting to find some way by which to view files and cd into directories on a device mounted read-only. So I need the permissions to read, write, execute (and the same with directories), but chmodding is out of the question because I don't want to alter the drive one iota.
I guess what I could do--what I was thinking of initially--was to dupe the whole drive and then mess with permissions. This wouldn't affect the original (actually I'm working on a duplicate of the original, but I'm treating it as if it were the original) but I was hoping for something that would maintain data integrity. This is a forensic application and not altering the data is very important.
View 2 Replies
View Related
Mar 16, 2010
I encountered a problem when I am trying to access my phpmyadmin the error came up: Wrong permissions on configuration file, should not be world writable!
View 6 Replies
View Related
Dec 10, 2010
Some time back using this computer a SucKit rootkit was found. Having dd urandomed the drive, flattened CMOS battery, flashed BIOS, run Knoppix live CD 6.1,using no flat pack battery (laptop), and memtested the RAM, I am still having problems with what I suspect is a javascript file that tries to reload the rootkit from? firmware. I suspect the firmware as everything else should have eradicated it??
Also it or a hacker via a backdoor then corrupts the drivers so devices malfunction. Windows security programs and rootkit detectors don't seem to pick it up. Fresh install of Windows or linux after the above still show this problem, though internet not used. The person who admitted rootkitting this machine is capable of writing java programs or using javascripts to do all this.
When viewed using Ubuntu 8.4 files and dates on a Windows partition appear normal both in file manager and terminal. However booting using Knoppix CD these files are all green, and I cannot change their permissions, even as root. ie: everything is green including text files etc. If I copy them to a linux partition, I can change their permissions and make them nonexecutable and nonwritable. Also on the Windows FAT32 partition the . directory has the date 1 Jan 1970.
If I disable any green files, I can shutdown and reboot cleanly. If I don't I start having problems shutting down [/usr/sbin/init ?] And always these follow a pattern:
Can't remember details as I have now corralled the beast but error messages relating to:
nfs-server
inet.d/statd
are the start of these.
View 3 Replies
View Related
Jun 23, 2010
I want to copy a file into my Root folder but I cant.what should I do?
View 2 Replies
View Related
Oct 1, 2010
At our company we have a central server with client files. This server has a SSH server installed, and through Nautilus all employees can access the files. However, I have a few questions:
1. Most employees need access to all folders, because they might use them at some point in time. However, I want to make sure they are not accessing things they do not need. How can I do this? For instance, if somebody copies all of the folders to his/her computer, I want to be able to see this in some sort of log. Can this be done? Copying and accessing in general is what is of my concern.
2. Some employees only need access to specific folders. Can this be easily configured with SFTP?
3. Some also use SSH and type commands which I want to check every now and then (e.g. to make sure an intern is not again copying information or accessing folders they should not be in). What is a good way to do this?
View 7 Replies
View Related
Aug 4, 2010
When I replace a drive in a RAID 1 and then resync it, why does the file access date (all the files) on the drive from which I am syncing not change? Shouldn't the file access date always change when I copy a file? Are there ways to overgo this?
View 3 Replies
View Related
Dec 7, 2010
I would like to know if it is possible to deny the access to a file for root? Would ACL's be a possibility? I have "googled" around but haven't found anything interesting (except SELinux). I should secure a password file to an important database.
View 6 Replies
View Related
Mar 12, 2011
it is possible to change the root directory for a single, particular program. For example, I have an executable, 'miscreant.bin' that has all of it's required libraries in a directory named "libraries", in the same directory as the said executable. I can launch the program and make it use the libraries included with the executable rather than the system with:
Code:
/lib/ld-linux.so.2 --library-path ~/miscreant/libraries ~/miscreant/miscreant.bin
...or...
Code:
env LD_LIBRARY_PATH=~/miscreant/libraries ~/miscreant/miscreant.bin
With either, miscreant can be portable. But, I would also like to change the root directory (like chroot) of miscreant, so that the directory "~/miscreant/sandbox" becomes the root ("/"). So, if miscreant created a file named "/home/bryan/miscreant", it will be redirected to "~/miscreant/sandbox/home/bryan/miscreant". I am running Crunchbang 10 (Statler) on a 32-bit Atom netbook.
View 5 Replies
View Related
