SUMMARY: preventing users from setting 777 permissions

From: Sugan Moodley <suganm_at_absa.co.za>
Date: Sat Jan 17 2004 - 22:56:05 EST
On Fri, 2004-01-16 at 04:03, I  wrote:

> Greetings,
> 
> I have a terrible problem with users who "chmod 777" their files 
> because... well they're lusers!
> 
> Is it possible on Solaris (anything from 2.6 to 9) to deny the "OTHER" 
> unix group from being set to full RWX permissions.
> 
> This includes files and directories in the user's home directories.
> 
> I have a umask 027 in /etc/default/login but that does not help.
> 
> Thank you,


Thanks to:

Tim Villa,
Rich Teer,
GertJan Hagenaars,
Kevin Buterbaugh,
Reggie Beavers,
Thomas M. Payerle,
Lewis, Orville M
Unix Guy @ a yahoo address
Johnson, Chad
Michael Jeffries (M)
Kugendran "Ted" Naidoo
Woogie Mahlangu III

The majority of the responses where about changing the chmod binary itself 
by either changing the permissions on the file itself or creating a wrapper.

Since it is my policy to keep the system as standard as possible this was 
not an option. Nevertheless sooner or later someone is gonna get "smart" and 
find a way around it. In any case most of the users need to use chmod for 
legitimate reasons.

The option of enforcing a company policy to discourage this implies
"policeing" the users with the threat of 
disciplinary action (not my style - better to gas the buggers - J.K. )

The option of using Role Based Access Control lists intrigued me 
and I've decided to go this way. Combined with a Java Enterprise System
controlling the show... life just got a whole lot more interesting.

Thank you all for your assistance.

Sugan Moodley
Sysadmin
ABSA Bank

______________________________________________

E-mail Disclaimer and Company Information

http://www.absa.co.za/ABSA/EMail_Disclaimer
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Sat Jan 17 22:55:57 2004

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:29 EST