I'm struggling with file permissions under Linux; there doesn't seem to be any way to keep the file owner from changing permissions on a file or directory or to automatically assign rights to newly created subdirectories. :confused4
What I need: to create a bunch of user directories while another user still has list access so disk usage and files stored can be monitored with a cron job. This is under shared hosting, so running as root is out of the question.
Under NTFS this would be easy: create the user's directory, add the user with the full permission set except deny change permissions on the main directory and any subdirectories and assign ownership of the directory to the user. Then add the monitoring user with traverse and list folder rights on the main directory and any subdirectories.
If the user should create any subdirectories, list permission would automatically be assigned to the monitoring user since the permissions are recursive.
Under Linux I could create the folder and chmod it to 740 with the monitoring user as the group, but as far as I understand it, nothing's keeping the user from changing it to 700.
Even if they don't manually change it, any newly created subdirectories wouldn't have the group permissions applied to them.
Edited to add that impersonating each user to get a directory listing would be a possible - if not desireable - solution, but Linux seems to lack that capability as well. :eek2:
What I need: to create a bunch of user directories while another user still has list access so disk usage and files stored can be monitored with a cron job. This is under shared hosting, so running as root is out of the question.
Under NTFS this would be easy: create the user's directory, add the user with the full permission set except deny change permissions on the main directory and any subdirectories and assign ownership of the directory to the user. Then add the monitoring user with traverse and list folder rights on the main directory and any subdirectories.
If the user should create any subdirectories, list permission would automatically be assigned to the monitoring user since the permissions are recursive.
Under Linux I could create the folder and chmod it to 740 with the monitoring user as the group, but as far as I understand it, nothing's keeping the user from changing it to 700.
Even if they don't manually change it, any newly created subdirectories wouldn't have the group permissions applied to them.
Edited to add that impersonating each user to get a directory listing would be a possible - if not desireable - solution, but Linux seems to lack that capability as well. :eek2:
Last edited: