Enforce minimal file/ dir permissions
Mister Olli
mister.olli at googlemail.com
Sat Jun 21 11:51:51 UTC 2008
hi hi...
after looking at the mac_bsdextended docs I found out, that it will not
solve my problem:
> "When access to a file system object is attempted, the list of rules
> is iterated until either a matching rule is located or the end is
reached"
<-- From http://freebsd.therek.net/handbook/mac-bsdextended.html
all these rules only apply when you try to read a file.
In my case I have to enforce what filesystem rights should be applied
when writing the file.
Does anyone have ideas how to solve this. I'm quite frustrated, cause I
haven't found any way to do this...
greetz
olli
Am Montag, den 16.06.2008, 08:21 -0400 schrieb Bill Moran:
> In response to Mister Olli <mister.olli at googlemail.com>:
>
> > Hi...
> >
> > on my filer I have to enforce minimal file permission of 664 for files
> > and 755 for directorys.
> >
> > no user should be able to change them to a value less than that.
> >
> > any ideas how to do this?
>
> Look at MAC and the bsdextended module (filesystem firewall):
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac.html
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac-bsdextended.html
>
More information about the freebsd-questions
mailing list