home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!usc!sol.ctr.columbia.edu!The-Star.honeywell.com!umn.edu!csus.edu!netcom.com!netcomsv!wet!rick
- From: rick@wet.UUCP (Rick Rutledge)
- Newsgroups: comp.sys.novell
- Subject: Re: Making a read only account on 3.11
- Keywords: read-only, system administration
- Message-ID: <5238@wet.UUCP>
- Date: 25 Jan 93 03:00:30 GMT
- References: <24JAN199314325703@utkvx2.utk.edu>
- Organization: Wetware Diversions, San Francisco
- Lines: 23
-
- fnixon@utkvx2.utk.edu (Nixon, John Fred) writes:
- >I would like to make an account that has read only access to files in
- >all directories. The purpose is to have a "safe" account which can be
- >used to read any file on the server. We are running 3.11. I have read the
- >manuals, and as far as I can figure it, I wold have to add [r f]
- >permissions to each directory to the account. Surely there is a better
- >way to do this?
-
- Unless I'm missing something...
-
- 1) Make an ID which is a member of NO GROUPS - not even EVERYONE.
- 2) Grant RF access to the root of each volume.
-
- The rights should cascade. Since most of your directory access for general
- purposes would be granted to EVERYONE or some other group, and this ID has
- no group membership, rights which are explicitly denied (such as W in
- PUBLIC) would not apply to this ID. Unless you have directory rights set up
- funny, that should do it.
- --
- ------------------------------------------------------------------------------
- Rick Rutledge {hoptoad|ucsfcca}!wet!rick rick@wet.UUCP
- "Voici le secret." dit le renard. "On ne voit bien qu'avec le coeur.
- L'essentiel est invisible aux yeux." -Antoine de St. Exupery, _le Petit Prince_
-
