[mdlug] Read-Only access to entire system
Aaron Kulkis
akulkis00 at gmail.com
Wed Jan 7 15:48:45 EST 2009
gib at juno.com wrote:
>
> Can I set up a user ID that has read-only access to the entire system?
Possibly.
Almost everything on a Unix/Linux system is owned by root
and filemode 755...which means means readable by everyone.
But I think you're meaning read-access for things like /etc/shadow.
akulkis at kulkixd:~> ls -al /etc/shadow
-rw-r----- 1 root shadow 1362 2008-12-19 10:25 /etc/shadow
In that case, the UID would have to be a member of group shadow.
[group shadow has read access to /etc/shadow]
However...it would time quite some investigation to make
sure that this sort of thing applies to every group where
group-ID rights are needed (files with '0' as the last mode digit,
or --- as the last three permission bits in ls -l listings).
More information about the mdlug
mailing list