[Gllug] how to exclude some users from a drive?

John Edwards john at cornerstonelinux.co.uk
Wed Apr 2 21:08:56 UTC 2008 

On Wed, Apr 02, 2008 at 04:54:20PM -0400, Andrew Farnsworth wrote:
> salsaman at xs4all.nl wrote:
<snip>
>> Shouldn't that be chmod 770 ?

>   You are correct, as usual I got this backwards.  See 
> http://en.wikipedia.org/wiki/File_system_permissions#Octal_notation
> 
> For completeness, the following is the General form, followed by the 
> corrected detail form.
> 
> General Usage:
>    chown <new owner> <path to directory>
>    chgrp <new group> <path to directory>
>    chmod <Owner Permissions> <Group Permissions> <World Permissions>
>               <path to directory>
> 
> chmod -R 770 /media/mounted_volume
> 
> Note:
> -R Signals recursively chmod, chgrp, chown and you might not want to 
> change these recursively, just restrict access to the top level.
> 770 = Read/Write/Execute permissions to Owner, Read/Write/Execute 
> permissions to
> Group, No permissions to World

But 770 forces the execute bit on all files, even those that you may
not want to execute.

It would be better to use 'chmod -R o-rwx' which will remove te read,
write and execute bits for users that do not own the file or are in
the group for that file.

*But* this only works for UNIX like file systems. If the device you
plugin is a CdROM or a USB stick then it will use something like
ISO9660 or FAT instead.

I think it is better to do this through controlling membership of the
group that are allowed to mount these file systems, as James Holland
has emailed earlier with the GUI instructions.


-- 
#---------------------------------------------------------#
|    John Edwards   Email: john at cornerstonelinux.co.uk    |
#---------------------------------------------------------#
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20080402/8ebe21c4/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list