[Gllug] [OT ?] Filesystem ACLs

John Hearns john.hearns at clustervision.com
Tue Aug 10 11:47:59 UTC 2004

On Tue, 10 Aug 2004, Mike Brodbelt wrote:

> On Tue, 2004-08-10 at 12:31, Ashley Evans wrote:
> > Some admins in the office wanted to setup a "modify but not delete" sort 
> > of setup on a client's server.
> > 
> No, I don't think so. You can of course give them write permission to
> the file, but not to the parent directory, which would allow them to
> modify the file but not delete it, but as you point out, this is pretty
> much worthless, and will probably not sit well with programs that want
> to manipulate directory entries.
I agree.

> To achieve anything useful, you'd probably have to intercept open calls,
> and make a safe copy of the file before allowing them to do anything.
I heard about this at the UKUUG conference over the weekend.
It should handle the task of intercepting the open calls.


Gllug mailing list  -  Gllug at gllug.org.uk

More information about the GLLUG mailing list