[Gllug] [OT ?] Filesystem ACLs
John Hearns
john.hearns at clustervision.com
Tue Aug 10 11:47:59 UTC 2004
On Tue, 10 Aug 2004, Mike Brodbelt wrote:
> On Tue, 2004-08-10 at 12:31, Ashley Evans wrote:
> > Some admins in the office wanted to setup a "modify but not delete" sort
> > of setup on a client's server.
> >
>
> No, I don't think so. You can of course give them write permission to
> the file, but not to the parent directory, which would allow them to
> modify the file but not delete it, but as you point out, this is pretty
> much worthless, and will probably not sit well with programs that want
> to manipulate directory entries.
I agree.
>
> To achieve anything useful, you'd probably have to intercept open calls,
> and make a safe copy of the file before allowing them to do anything.
I heard about this at the UKUUG conference over the weekend.
It should handle the task of intercepting the open calls.
http://www.dazuko.org/faq.shtml
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list