[COMP] Re: File Permissions
- To: <computers@xxxxxxxxxxxxxx>
- Date: Sat, 22 Jul 2000 17:17:15 -0700
Thanks John,
All I'm really interested in is keeping the administrator/super user from
viewing the file. If he/she could delete it, I don't care.
Mike
-----Original Message-----
#From: computers-bounce@xxxxxxxxxxxxxx
[mailto:computers-bounce@xxxxxxxxxxxxxx] On Behalf Of John Madden
Sent: Saturday, July 22, 2000 4:55 PM
To: computers@xxxxxxxxxxxxxx
Subject: [COMP] Re: File Permissions
On Sat, 22 Jul 2000, you wrote:
> Is there a way to secure a file in Linux/Unix or WinNT that will deny
access
> by the super user or administrator?
You want to *deny* access to root? :)
The only way to do it is at the kernel level, with a set of kernel patches.
I
forget the name of the project that had done this, but I'm pretty sure I saw
it
on freshmeat.net, so I guess you should just start there...
The problem here is that you not only have to protect those files, but you'd
have to protect the ability of that admin to make a new kernel and boot with
it, or to reboot the machine with a bootdisk, etc. You'd be much better off
by just not giving this particular person root. If he can't be trusted with
a
particular file, he shouldn't be root. :) Use things like 'sudo' to give
him
more fine-grained administrative privileges.
John
--
# John Madden weez@xxxxxxxxxxxxxx ICQ: 2EB9EA
# Sys-Admin / Webmaster, Avenir Web: http://avenir.dhs.org
# LANdb: Network Admin Database - http://avenir.dhs.org/landb/
# NCPweb: Web-based frontend to ncpfs - http://avenir.dhs.org/ncpweb/
# Linux, Apache, Perl and C: All the best things in life are free!
========================================
Avenir Web's Computers Mailing List
List Modes, Subscription, and General Info:
Go to http://avenir.dhs.org/mailing.html
List Archives: http://avenir.dhs.org/archives/
Administrative Contact: weez@xxxxxxxxxxxxxx
Get computer help: http://avenir.dhs.org
========================================
========================================
Avenir Web's Computers Mailing List
List Modes, Subscription, and General Info:
Go to http://avenir.dhs.org/mailing.html
List Archives: http://avenir.dhs.org/archives/
Administrative Contact: weez@xxxxxxxxxxxxxx
Get computer help: http://avenir.dhs.org
========================================
- Follow-Ups:
- [COMP] Re: File Permissions
- From: computers
- References:
- [COMP] Re: File Permissions
- From: computers
Other related posts:
- » [COMP] File Permissions
- » [COMP] Re: File Permissions
- » [COMP] Re: File Permissions
- » [COMP] Re: File Permissions
- [COMP] Re: File Permissions
- From: computers
- [COMP] Re: File Permissions
- From: computers