Subj : Re: Proper Permissions
To   : comp.os.linux
From : ibuprofin
Date : Thu Dec 23 2004 08:00 pm

In article <1103738110.48522@nntp.acecape.com>, daniel kaplan wrote:

>I am need of some help with permissions.  Essentially I have some perl
>scripts that create a new folder everytime a new user is created.

We call them 'directories' no folders (a term windoze stole from Apple)

>That script sets the permissions, but am confused as to which are the
>"correct" permissions to set....right now I am just using 777 since this is
>a prototype, but i just hate that, and not knowing to boot.

With the exception of /tmp/ (and /usr/tmp and /var/tmp), there should
NEVER be anything with mode 777.

>what  I would like is for every new user created, create the following
>structure in an existing folders called USERS

[snip illustration]

>The script would create NEWUSER, and within it create TEMP and APPROVED

That's easy

>and I would like the rights to be so that anyone can write to TEMP but not
>read and anyone can READ from APPROVED but not write.

What POSSIBLE reason would you want anyone to be able to write to a users
directory structure?   The TEMP directory would need -rwx----w-  while
the APPROVED directory would be rwx---r-x but this is (politely) insane.

>Would appreciate any links, clue etc.

man chmod

I'm setting both directory so that the owner has all rights, the group
that the owner belongs to has none (because you didn't define anything
about the group). The 'others' permission of -w- gives anyone the
right to write there, but they can't read, or stat the directory. The
'others' permission of r-x gives anyone the right to read the files and
the right to use the 'ls' or 'dir' command.

These permissions are very strange - and probably quite unsafe. I can't
imagine any circumstance where this should be permitted, as it is a
security nightmare in the making.  What on earth are you trying to do?

        Old guy

.