Need to protect a file

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • kriz4321
    New Member
    • Jan 2007
    • 48
    #1

    Need to protect a file

    Hi all,

    In my server we login with a common userid/passwd. There is a file created with this Id and everyone has acess to modify the contents. We need to restrict this in such a way that when a person tries change certain this in the file he should be restricted in doing it.

    Basically It should ask for a passwd before saving the file so only few within the same group will have control to do so...

    Note: We cannot use root passwd. We cannot change the perm of file as every user logins with the same user/passwd they can also change the perm...
    Tags: None
    • kriz4321
      New Member
      • Jan 2007
      • 48
      #2
      Forgot to mention the OS it is linux file. The filename extension also should not be changed.....

      Thanks in Advance..

        Comment

        • Nepomuk
          Recognized Expert Specialist
          • Aug 2007
          • 3111
          #3
          Well, the idea behind the Linux (and Unix) user system is, that everybody should have their own account. With that, you should be able to protect any files of your own from anyone else via
          Code:
          chmod 700 my_file
          for no access by others, if others should be able to execute it:
          Code:
          chmod 711 my_file
          and if they should be able to execute and read, but not write to it:
          Code:
          chmod 755 my_file
          If that is not an option, we'll have to think of something else. You could of course hide the file by just renaming it
          Code:
          mv my_file .my_file
          but anyone who knows it's there or has a look at hidden files will see it.

          Next thought that comes to mind is file encryption. I've never used single file encryption before, but there should be plenty of tutorials on the web. It would allow only that person, who knows the code, to change it (while knowing, what he/she's doing). I guess it could still be deleted, but at least no one could just change it without you noticing.

          Can't think of any better method right now.

          Greetings,
          Nepomuk

            Comment

            • Laharl
              Recognized Expert Contributor
              • Sep 2007
              • 849
              #4
              I would recommend creating a group, myfile_editors or some such, and change the owner of the file (via chown) to that group. Then add everyone that needs edit access to the group and set the permissions with chmod, possibly to 744 (owner does anything, anybody else can read it and not execute, 755 gives execution rights as well).

              This does require you to create actual user accounts. There is probably a way to password-protect the file, but I don't know how, I'm afraid, other than some sort of shell script...

                Comment

                • AIProgrammer
                  New Member
                  • Jul 2008
                  • 28
                  #5
                  Hi,
                  I would like to provide a further suggestion. It MAY work for your case. You may change the 'sticky-bit' of the file, the same way you change your file permission.(chm od or through some file-manager). In this way, it gets locked in the SWAP SPACE, and files residing there cannot be changed. This should THEORITICALLY provide some speddup in access-latency as well, but on modern computers, it hardly matters. You may chage the sticky-bit every time you want to allow some users, and lock it back when you want it protected.

                  Try it, it may solve the preoblem!

                  Bye.

                    Comment

                    Previous template Next
                    Working...