Save Text Attribute in LINUX
If a directory is publicly writable and has the sticky bit set, files inside that directory can be removed or renamed only by the owner of the file, by the owner of the directory (the owner of the public directory), by root, or by a user for whom the file is writable.
This prevents users from deleting other users' files from public directories.
The save text attribute can be set as shown below.
# chmod 1777 projectdirectory
OR
# chmod a=rwxt projectdirectory
# ls -ld projectdirectory
drwxrwxrwt 2 root other 513 Sep 18 16:27 projectdirectory
In some cases a "T" instead of a "t" can be found in the output. This indicates an error condition: the save text attribute bit is on but the execute permission bit is off.
In the Solaris and SCO operating systems the save text attribute is known as the sticky bit.
Access Control Lists (ACL) (in Solaris O/S)
Traditional Unix file protection gives read, write and execute permissions for three user classes: the file's owner, the file's group and other. ACLs give better file security by enabling file permissions to be defined for the owner, group, other, specific groups, specific users, and default permissions.
For every file specified, setfacl will either replace its entire ACL, including the default ACL on a directory, or it will add, change, or delete one or more ACL entries, including default entries on directories.
The setfacl command is used to set or modify ACLs. It supports the following options:
-d - Deletes the specified ACL entries
-m - Adds/changes the specified ACL entries
-s - Replaces the whole ACL with specified entries
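The following example replaces the whole ACL of the file abc. It gives the file owner all access, gives user shea an entry with all access, gives the file group owner a read/write entry, sets the ACL mask to read access only, and gives others no access.
# setfacl -s user:shea:rwx,user::rwx,group::rw-,mask:r--,other:--- abc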
OR
# setfacl -s u:shea:7,user::7,group::6,mask:4,other:0 abc
Remember that after this command, the file permission bits are rwxr-----. Even though the file group owner was set with read/write permissions, the ACL mask entry limits it to read permission only. The mask entry also specifies the maximum permissions available to all additional user and group ACL entries. Likewise, even though the user shea was set with all access, the mask limits it to read permission only. The ACL mask entry is a fast way to limit or open access for all the user and group entries in an ACL. For example, by changing the mask entry to read/write, the file group owner and user shea would both be given read/write access.
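The effect of the mask described above can be worked through in code. The following Python sketch is an added example, not part of the original page or of Solaris itself: the function names are hypothetical, the entry list is the one from the setfacl -s example written with full three-character permission fields, and it assumes that an ACL with no mask entry is not capped.

```python
PERM_BITS = {"r": 4, "w": 2, "x": 1}
TAGS = {"u": "user", "user": "user", "g": "group", "group": "group",
        "m": "mask", "mask": "mask", "o": "other", "other": "other"}
# Entry list from the setfacl -s example on this page.
PAGE_ACL = "user:shea:rwx,user::rwx,group::rw-,mask:r--,other:---"

def parse_perm(perm):
    """Turn 'rw-' or a single octal digit such as '6' into a 0-7 value."""
    if len(perm) == 1 and perm in "01234567":
        return int(perm)
    if len(perm) != 3:
        raise ValueError(f"bad permission field: {perm!r}")
    value = 0
    for ch, letter in zip(perm, "rwx"):
        if ch == letter:
            value |= PERM_BITS[letter]
        elif ch != "-":
            raise ValueError(f"bad permission field: {perm!r}")
    return value

def fmt(value):
    """Render a 0-7 value as an rwx string."""
    return "".join(c if value & PERM_BITS[c] else "-" for c in "rwx")

def parse_acl(spec):
    """Parse a comma-separated entry list into (tag, qualifier, perm) tuples."""
    entries = []
    for item in spec.split(","):
        fields = item.strip().split(":")
        if len(fields) < 2 or fields[0] not in TAGS:
            raise ValueError(f"bad ACL entry: {item!r}")
        tag = TAGS[fields[0]]
        named = tag in ("user", "group") and len(fields) == 3
        entries.append((tag, fields[1] if named else "", parse_perm(fields[-1])))
    return entries

def effective(spec):
    """Map each entry to its effective rwx string after the mask is applied."""
    entries = parse_acl(spec)
    # The mask caps named users, named groups and the file group owner only;
    # the file owner (user::) and other entries are never masked.
    # Assumption: with no mask entry, nothing is capped.
    mask = next((p for t, _, p in entries if t == "mask"), 7)
    result = {}
    for tag, qualifier, perm in entries:
        if tag == "mask":
            continue
        capped = tag == "group" or (tag == "user" and qualifier != "")
        result[f"{tag}:{qualifier}"] = fmt(perm & mask if capped else perm)
    return result
```

Calling effective(PAGE_ACL) shows shea and the file group owner reduced to r--, while the same list with mask:rw- opens both to rw-.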
The following example adds one ACL entry to the file abc, giving user shea read permission only.
# setfacl -m user:shea:r-- abc
OR
# setfacl -m u:shea:4 abc
The ACLs for a file or a directory can be shown using the getfacl command.
# getfacl -d abc
This command cannot be used in SCO, as there is no concept of ACLs in SCO. The files in /tcb/files/rootcmds/... should be edited to enable users to run commands as root after setting the appropriate "setgid" using chmod. Refer to the asroot man pages for more details.