On Mon, Jul 27, 2009 at 10:57 PM, Cyril Chackocyril.chacko@gmail.com wrote:
Hi All,
Today a friend of mine showed me a security feature in Windows XP, which to my knowledge is not available under Linux.(Please tell me I am wrong).
So here goes, he showed me a security feature in Windows XP wherein the user can setup a custom access to their own files and restrict access to others, including Adminstrators.
If something like this can be done as a normal user I would think of this as a security hole. This means that the user can deny the administrator access to certain portions of a system. Imagine the pain of having to administer when users goof up in these portions.
In any case, it would be nice if you could tell us how to do that.
Is there a way to do so in GNU/Linux systems (for root)? As I am not aware
This is possible in windows because the "Administrator" account in windows is not the same as root in *nix systems. The equivalent user to root is called "system" in Windows. Due to this I am guessing you can actually deny administrators from accessing your files. You surely cannot do this for the "system" user. (Disclaimer: I am only guessing. it has been ages since I last accessed a Windows box to do any real work)
As for setting up custom access (ACLs), look up the manpage for setfacl and getfacl commands on Linux. For even tighter security, look up SELinux.