Ubuntu Security :: Group Permission - Access Privileges On Several Folders

Jul 9, 2010

I have a problem access privileges on several folders like this one

Code:

It clearly says that I have owner and group read write and search (it's a directory) privileges.

I login as user master part of group events

Code:

But I can't access the folder (Permission denied).

View 9 Replies


ADVERTISEMENT

Fedora Security :: Limiting Sudo - Giving Full Privileges To The Wheel Group In The Sudoers File

Feb 15, 2011

I have previously set up sudo via adding my name to the wheel group and then giving full privileges to the wheel group in the sudoers file. Now I choose to learn to limit that. Had noticed the most frequent use I have of sudo is to run yum update. This got me thinking, could I remove the wheel group privileges and add the following line in sudoers to limit the privilege to simply running yum, and furthermore, make it so I could run yum without a password:

## Allow root to run any commands anywhere
rootALL=(ALL) ALL
Troy ALL= NOPASSWD: /usr/bin/yum

I think that would in fact work (if I understood one of the pages here, it will work). However, upon further thinking I realized that in such a case then anyone sitting at my computer could then use yum, without a password, to install or remove any file on my system � probably not a good idea. As a result I have to ask, can I tighten the privilege even further such that the only privilege so given was to run �yum update� and nothing else? (for example if they ran �yum install� it would fail). If you can do it, how?

Last, I was going to limit the privilege, time wise and try wise, by adding the following to the sudoers file:

# Defaults specification
Defaults:Troy timestamp_timeout=0, passwd_tries=3

Will that really work to limit the elevated privilege so I don't have elevated privileges lingering about, or is there a better way to do so?

View 3 Replies View Related

Ubuntu :: Create A User Group That Restricts Internet Privileges To Only Members In The Group

Jul 19, 2011

How can I create a user group that restricts Internet privileges to only members in the group, then I will assigns certain applications to join the group for access to the Internet.

For example, I want only group net to have access to the Internet. Group net is then connected to:

Code:

So far, I am using the gnome group policy manager that is standard with ubuntu but Its not working. It is possible that im misdirected and that I should use a firewall instead?

View 2 Replies View Related

SUSE :: Configure Permission / Access Denied On Sub Folders?

Sep 15, 2010

how to configure it. What I am trying to is this: I have a departmental folder housing two sub folders. The permissions on the parent folder for the department are 770 and the users from that department are all in a group based on their departments name.

One of the users who is granted access as a member of the group needs to be denided access to one of the two sub folders. How do I allow all users in the department into the first folder (this works already) but at the same time allow all but one into the second folder?

View 1 Replies View Related

Security :: Set Permissions For Multiple Groups To Have Different Levels Of Access To One Group Of Files?

Feb 5, 2010

I am setting up a samba server to operate in a windows AD domain. I want to set permissions for multiple groups to have different levels of access to one group of files, and it looks to me like unix permissions will not do that? I always hear about how robust linux is, and it seems to me that their file permissions model is WEAK compared to microsoft's?

View 2 Replies View Related

Security :: Group Write Access For Newly Created Files / Directories Without Changing Umask

Apr 3, 2009

I have several directories, each owned by root and a group of the same name,By setting the sgid bit, I made sure that newly created files and directories are owned by the correct group, and that directories have the sgid bit set too.On each newly created directory or file, the permissions are set to 755. This is because this is the default umask, and I cannot change a users umask. I actually only want files created below a particular directory to have group write access, inheriting this behaviour to newly created directories properly.I'm not on samba or NFS, I have to do this for SSH users.The filesystem is ext3.I started to fool around with ACLs, but couldn't find what I was looking for.

View 3 Replies View Related

Security :: When To Give Write Access To Folders On A Web Server

Feb 3, 2011

on the following link [URL] section 2 says

Quote:

The following directories need to be readable, writeable and executable for everyone:

* dokeos/main/inc/conf/
* dokeos/main/upload/users/
* dokeos/main/default_course_document/
* dokeos/archive/

[Code].....

I am not at all convinced by the idea of giving permissions to read,write and execute as these Learning Management Systems say. Let me know what you people have to say? What is the best practise in such situations? I have to get all these LMS run on same web server.

View 2 Replies View Related

General :: Command For Getting Info On Group Privileges?

Jan 4, 2010

What commands would someone use if they wanted to see their group priveledges, like if they were in a super user group or various groups.

View 1 Replies View Related

Ubuntu :: Restoring Root Privileges (admin Group) In Lucid Lynx?

May 1, 2010

After freshly installing Lucid Lynx and tinkering for some time to get everything just how I like it, I managed to somehow remove myself and all other users from all groups. Now, obviously, I've restarted and I don't have root privileges as I am no longer a member of admin group. So I am somewhat stuck. I've looked at this page: [URL]. But annoyingly, there is no grub menu appearing on boot up (unlike previous Ubuntu versions). So I'm appealing for your help to either:

a) Show me how I can bring up the grub menu so I can access ubuntu in safe mode

b) Show me another way of accessing the system with root privileges. (Would using chroot from the Live CD work? I just thought of that now so I'll try it).

View 3 Replies View Related

Ubuntu Servers :: Give Power Users Ability To Access All Of Their Folders Without Thrashing Security.

Feb 8, 2011

So, I am looking to implement an FTP server with Isolated Client accounts/directories where a client can only access what's in their directory. I also need to provide my internal user's (content managers) the ability to upload, delete, etc from all of the Client accounts. The simple part is creating the secure client accounts. It's a matter of changing DIR_MODE in adduser.conf to 700 or 770, creating a user, having the FTP server chroot them to their home directory, revoke/restrict shell/ssh access and maybe even slap on some ACL to prevent botched permissions.The hard part is figuring out how to give my power users the ability to access all of their folders without thrashing security.

My first thought was to put all of the client user-groups in a parent group and having my internal users inherit group permissions..but you can't have groups inside of groups.My second thought was to put all of the client users in the same group and prey that the FTP chroot is enough to keep them from poking around but then I have the problem of how do my internal users access other user directories if they are chrooted. Do I create a second server without chroot.do I create some weird nested homedir structure..I honestly have no idea how to satisfy both requirements (secure client accounts and privileged user accounts). I need my privileged users to authenticate against Active Directory via Likewise open, LDAP, etc and I don't care how the clients authenticate. Though, I would prefer to have both file and FTP-server level protection just to make sure no one can see the other client's data.

View 1 Replies View Related

Ubuntu :: Admin Privileges - Permission Denied Error

May 11, 2010

I'm having a permissions problem with Ubuntu and apache. There are two users, I'll just call them A and B. All of the files belong to A and group root. I'm logged in as B and I have admin privileges. My website is working just fine but when I create a directory in the web root, change the owner to A on the directory and all files I still get a Permission Denied error when I try to access it from the web. I've also set permissions to rxwr-xr-x on the directory and all the files. So I don't understand what's going on. Why am I still getting a permission denied error?

View 1 Replies View Related

Ubuntu Security :: Wireshark Security Root Privileges?

Mar 25, 2010

Having read on the forums about some of the dangers of running Wireshark as root, I would like to know if anyone can suggest some alternative packet sniffers/network analyzers which will offer similar results but without the security issues. I am using Karmic Koala on a Fujitsu Siemens laptop with wireless router (firewall enabled)

View 7 Replies View Related

General :: Security Group Can Be A Member Of Another Group?

Aug 22, 2010

I need to create a group that has the same permissions as the users group. Can I have the new group be a member of the "users" group to inherit its permissions?

View 4 Replies View Related

Security :: Add A Group Of Users To The Wheel Group?

May 19, 2010

I have a number of users, categorised into various groups. I would like one of those groups ("developers") to be in the wheel group as well. I don't want to just copy the people from the developers group into wheel, because then when that group changes I'll have to change it in two places. Is there a way to specify that anyone in developers is in wheel, and have that be dynamic?

View 7 Replies View Related

Networking :: Permission / Group After Sshing Into Box

Nov 4, 2010

I've got a problem with groups on linux (slackware). I'm trying to ssh from one computer into another to do some work, but I'm running into permission issues.

If I do the work locally as a user
If I do the work with ssh as root
If I do the work with ssh as a user ;(

Both computers are mine. (By locally, I mean physically sitting by that computer logging in the normal way.) When I log in locally as a regular user I'm a member of the following groups: 'users floppy audio video cdrom' But when I ssh into the same computer, being the same user, I'm only a member of the group: 'users'

Q1. What gives? Where/How can I change this?

Q2. Also, where do linux/slackware store the group information? According to /etc/group I'm only member of 'users'. Where does it keep the info that I belong to 'users floppy audio video cdrom'?

View 2 Replies View Related

Ubuntu Servers :: Group Permission On Dir And Files For Apache

Mar 5, 2011

Me and 2 others are working on a website (Bob, Mike, and Joe). We made a group called developers and each of us are in the developers group. The Apache server runs as www-data. When we upload files, the file owner is the users name and the group is "developers".

/etc/group has the following

Code:
www-data:x:33:
bob:x:1000:
mike:x:1001:

[Code]....

I have always just set everything to 775 and just called it good. Well I don't want to wake up to a Russian political message plastered all over the site. It's time I do things properly.

View 3 Replies View Related

Ubuntu :: Share File Permission \ Some One Copy Their File In This Folder The Permission Is Marked As "no Group" "no Owner"?

May 18, 2011

I'm using ubuntu 11.04, I'm having some problem of ownership while sharing folder/files. to share i change the folder share option:1. Share this folder, then followed by 2.allow others to create and delete files in this folder3. guest access.Now if someone in my local network edit any file and save it, it gets locked. if some one copy their file in this folder the permission is marked as "no group" "no owner". and they get unaccessible to me. i tried doing chown <user> <folder> but it says Operation not permitted. Now how i can possibly share my folder on local network so that they can be edited by others without getting locked down , if they copy files i can able to modify them.

View 2 Replies View Related

Slackware :: Can't Change The Group Permission For The Folder

Jan 13, 2010

I've installed slax6 onto an ext3 partition and setup a users account, i've also just managed to mount some virtualbox shared folders which are working and i can access them fine. The problem is I cannot seem to give limited user accounts access to them. root can access them no problem! but right clicking and changing the permissions do nothing, because once I click apply, reopen the menu, the changes have reverted. I've tried chmod'ing them.. chmod o=rwx /mnt/folder I used 'o' because I can't seem to change the group permission for the folder. The shared folder I am mounting is formatted in NTFS and the other in ext3, I can't change the permissions of either.

View 5 Replies View Related

General :: Remove Group Write Permission?

Oct 22, 2010

How would i write a command that can find all the objects under the etc directory that have group write permission enabled and have not been accessed in the last X days. This is what i got from internet souce but i m not able to modify it according to my distribution. find /etc -perm -0070 -a -mtime +X ! -type l?print Here is the exact statement from link i m referring to.

[Code]..

View 3 Replies View Related

General :: Location Of Folders Shared Between Group?

Sep 28, 2010

What's the best location for a folder intended to be used as a group storage location? In other words, I want a folder called "examplefolder" belonging to a group named"examplegroup" that can be accessed by everyone in that group. Is home/examplefolder the best location or elsewhere?Edit:The folder needs read and write permissions, so /usr would not work. Does anyone think /var would be appropriate? What about something in the root like shared? Is there a reason not to use /home/examplefolder?

View 2 Replies View Related

Ubuntu :: No Write Permission Even Though User Is Member Of Folder Group?

Oct 29, 2010

I'm having an odd problem (although I'm probably missing something obvious to a non-semi-newbie):I have a directory used for samba shares which is owned by user fred, a system user which the windows clients on my network authenticate with to access the shares. I, roger, want to access the directories without having to put my 'sudo boots' on every time, so I made the directory group users and added roger to that group, and changed the file/folder modes from 0755 to 0775.However I still do not have write permissions inside the directory; I still seem to be considered 'other' and hence only have read and execute.

View 6 Replies View Related

Ubuntu :: File (group) Permission Dont Work As Expected

Feb 4, 2011

Well, this is a problem that keeps on coming, and I never found a solution: Maybe it is just me misunderstanding how it should work, but:

1) do you confirm that, as a member of the group "fuse", I should be able to read the file?
2) of course, I could change the permission of the file, or read it as sudo, but sometimes this is not possible. how to achieve it then?

View 7 Replies View Related

Ubuntu Security :: Remove All Privileges From CWD?

Jan 21, 2010

I am on the admin account of my computer and am trying to remove all privileges from CWD i have tried

chmod go-rwx ~
sudo chmod go-rwx ~

but when i pull up

ls -l ~

It is still showing permission in the g and o column.

View 9 Replies View Related

General :: Group Control - Read & Write Permission ?

Dec 21, 2010

I have a file the owner is root:root ( mode is 644 ), I want to release read & write permission to a non root user ( eg. admin_usr ), I tried to create a specific group ( eg. ADM ) and release it to root user and admin_usr ( by adding this users to ADM in /etc/group ) , but it is not work, if preserve the file mode to 644 , is it ok? how to do it if I want to have read & write permission in my case ?

View 5 Replies View Related

General :: Set Permission Type On A File To A Particular User In A Group?

Jan 20, 2011

i want to set permission type "write" on a file to a particular user in a group of users ( not all users in that group). chown is changing a user to root , but i want to set say permission of "write" only to a user 1 in group staff which contains 10 users 1 , user 2 ...user 10.

View 3 Replies View Related

Ubuntu Security :: Restricting User Privileges

Apr 11, 2010

I have searched somewhat this forum but haven't yet found a similar post using the keywords I entered but perhaps there is already a similar post then please refer me to it.I am trying to add a user account "Guest" to allow people on my laptop without giving them access to vital parts of the computer. Basically, I want them to only be able to view their own home directory and access internet. Nothing more.I have set the group to "guest" and changed the other home directories of other users to owner access only.

Guest still has access to root and is still allowed to perform actions in various critical areas (deleting files from for example my Windows 7 partition). This I also want to prevent. I was thinking to set each directory's permissions to Owner and Group only and remove Others access.My questions:

1. Will this have any undesirable impact (programs of main user accounts not able to access certain directories)? For guest user I don't care as long as internet works.
2. When I start User Manager and disable for Guest all options except "access internet" (so I also disable access to CDROM), the guest can still access the CDROM. Does this mean the User Settings menu has no effect or is overruled by something?

View 9 Replies View Related

General :: Give Directory Permission To A Group And Not Specific User?

May 26, 2010

I'm trying to do something like thisi created a group called www and made this group the owner of the directory/var/www/htmlso i can read and write to it.of course I've add my self to this group, but it seems i can't read and write.the syntax i used was something like chown :www /var/www/html.didn't workonly when i used chown samurai:www /var/www/html i could finally could create new file.the reason i don't want to specify the user name is because I'm thinking of a scenario when i need to give permission to a large group of ppl and don't want to do it user by user.

View 5 Replies View Related

General :: How To Remove Rwx Permission For Group And Other Users For All Hidden Files

Nov 29, 2010

How would i remove rwx permission for group and other users for all hidden files (except . and ..) inside /root using a one line command.

View 4 Replies View Related

Server :: Saving A File Removes The Group Execute Permission?

May 23, 2011

Here are some example files that are shared through samba:

-rwxrwx--- user1 group1 file1.txt
-rwxrwx--- user1 group1 file2.txt

When user2 (who is also a member of group1) edits file2.txt the permissions change:

-rwxrwx--- user1 group1 file1.txt
-rwxrw---- user2 group1 file2.txt

user1 then has issues opening the file. This also goes for new files that are created (they are missing the group execute permission).

I have set the option "create mask = 0770" in my smb.conf. Without this set, permissions default to something like -rwxr--r--

View 1 Replies View Related

Ubuntu Security :: Drop Elevated Privileges Through Terminal

May 2, 2011

How to Drop all elevated privileges through terminal?

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved