File Permissions - Yet Another Question / Clarification
Achim Gratz
Stromeko@nexgo.de
Thu Apr 2 18:41:00 GMT 2015
Bryan Berns writes:
> In the real world in large corporations with focus on security,
> "Administrators" is typically a tiered or least privilege arrangement.
He's talking about "Administrators" the SID (group).
In any case, I'd start with a throwaway share (or save the permissions
with subinacl if I had to use a live one). Then remove the inherited /
default DACL from a subdirectory:
mkdir sub
setfacl -k sub
setfacl -b sub
Then check how this behaves w.r.t. POSIX permissions and file ownership.
Populate this directory with files and check those, too. The ~/.ssh
directory and their content shouldn't have any DACL on them in any case
if you c want to be sure it works the way sshd is wanting it to.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
SD adaptations for Waldorf Q V3.00R3 and Q+ V3.54R2:
http://Synth.Stromeko.net/Downloads.html#WaldorfSDada
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list