Hello,
In the NTFS file system, under the security option in a folder's properties, there is an advanced option where a user/group can be restricted from writing or deleting existing files in the directory but at the same time can be granted permission to create a new file or folder. So while existing data on that folder cannot be edited or deleted, the user can paste new files in that folder. Can such special permissions be granted in EXT3 or JFS file systems? On the net I find that advanced ACLs mainly have 3 options of read write and execute. If write permission is granted, user will delete files. Without read permission, user cannot paste new files.
On Mon, Dec 1, 2008 at 12:37 AM, Rony Bill gnulinuxist@gmail.com wrote:
On the net I find that advanced ACLs mainly have 3 options of read write and
execute. If write permission is granted, user will delete files. Without read permission, user cannot paste new files.
The last sentence should read Without write permissions, not read. Sorry for the typo.
-- Regards,
Rony. GNU/Linux No Viruses No Spyware Only Freedom.
On Sun, Nov 30, 2008 at 2:07 PM, Rony Bill gnulinuxist@gmail.com wrote:
Hello,
In the NTFS file system, under the security option in a folder's properties, there is an advanced option where a user/group can be restricted from writing or deleting existing files in the directory but at the same time can be granted permission to create a new file or folder. So while existing data on that folder cannot be edited or deleted, the user can paste new files in that folder.
Apart from enabling ACLs on ext3, for the specific scenario you mentioned, adding the sticky bit on the directory achieves this. /tmp has this attribute set so that any user can create files there but cannot delete files which belong to others.
Can such special permissions be granted in EXT3 or JFS file systems? On the net I find that advanced ACLs mainly have 3 options of read write and execute. If write permission is granted, user will delete files. Without read permission, user cannot paste new files.
-- Regards,
Rony. GNU/Linux No Viruses No Spyware Only Freedom. -- http://mm.glug-bom.org/mailman/listinfo/linuxers
Regards, Mohan S N
On Mon, Dec 1, 2008 at 12:37 AM, Rony Bill gnulinuxist@gmail.com wrote:
Hello,
In the NTFS file system, under the security option in a folder's properties, there is an advanced option where a user/group can be restricted from writing or deleting existing files in the directory but at the same time can be granted permission to create a new file or folder. So while existing data on that folder cannot be edited or deleted, the user can paste new files in that folder. Can such special permissions be granted in EXT3 or JFS file systems? On the net I find that advanced ACLs mainly have 3 options of read write and execute. If write permission is granted, user will delete files. Without read permission, user cannot paste new files.
You can look at ACLs in ext3 in general and xattrs ( extended attributes ) to help you in this quest.
Mapping between unix and NTFS permissions can never really be complete since they are two different models altogether.
user lists and application policies (app armour ) usually solve a lot of problems and work better than the weirdness that windows propogates.
e.g NTFS has 12 atomic permissions which work differently depending on the combo evoked. Mapping this has been a nightmare for the most strongest of Samba developers because NTFS != posix . MS creates standards which only they can implement.
alternatively you can check out ext4 for such features. I am not sure how much the permissions model has changed there but it has improved is what i have read. About time it gets tested too ! :)
regards, C
-
Chetan S -
Mohan Nayaka -
Rony Bill