Thanks Todd, thanks Richard: Todd wrote:
>I really >question the need to have your entire system group owned by a simple >user. Sounds like a recipe for disaster to me. Better to su when you >need to, or learn how to set up sudo. Richard wrote: >"Are you sure you know what you're >doing?" > >To me this is highly dangerous from the point of view of system security >and stability. > >What are you trying to achieve? There has to be a better way. Todd, Richard: if I only allow the group 'rodolfo' to read those directories and not to modify them in any way, then I don't see the danger. Anyhow, if the system tries so hard to oppose to what I'm doing it's quite clear that I'm trying to achieve what I want the wrong way. What I wish to do though is quite simple. 'rodolfo' is a normal user, but Rodolfo (me) is also the superuser, whereas say, 'alberto' is only a normal user. Then I wish to adopt for alberto a security level 4, i.e. alberto should not be able to see the '/' nor the '/home' directory (although he should be able to see and use the /mnt directory) and for rodolfo a level security 2, i.e. he should be able to see (but not to modify) the '/' dir and its subdirs. Now, the command 'chmod' as far as I know cannot diversify different permissions to different users: if I do, e.g., 'chmod -r /', this will prevent *all* users (not only alberto) to read the '/' directory. Even if I do 'chmod u-r /' or 'chmod g-r /' or 'chmod o-r /' the problem remains unless I don't first change the ownership of the dirs whose readability I want to attribute to rodolfo and not to alberto. That's why I did, under a security level 2: # chgrp rodolfo / # chgrp rodolfo /* # chmod o-r / # chmod o-r /* # chmod o+rwx /mnt # chmod g+rwx /mnt ; but, as we saw, the first two operations were not permanent. Maybe you could suggest a better way to achieve this purpose? Sorry if I was a little confusing, but the matter is not immediate to explain. Thanks, Rodolfo ____________________________________________________________ Regala e regalati Libero ADSL: 3 mesi gratis, navighi veloce e scarichi a 1.2 Mega. Abbonati subito senza costi di attivazione su http://www.libero.it
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
