[plug] msec and file permissions

Ben New ben at leftclick.com.au
Thu Dec 4 20:08:40 WST 2003


Hi,

Just wondering if there is a way to setup Mandrake security (msec) to 
apply file permissions recursively?


What I mean is suppose there is an entry in 
/etc/security/msec/perm.local like this:
/some/path current 744

This is the equivalent of the following command, when msec is run:
chmod /some/path 744

What I want to know is, how do I make it run the following slightly 
different command?:
chmod -R /some/path 744

Basically, I want to ensure that all files under /some/path will remain 
with, and be given when created, the specified permissions. 


The main problem is that users login under their own personal group 
(e.g. I login with user=ben, group=ben), but I want the files to be 
owned (and read/writeable) by "real" groups - i.e. groups that have more 
than 1 user in them.  Users are adding files to a shared directory and 
then those files aren't useable by anyone else. 

There are a number of paths this needs to be applied to, with different 
groups applying to each path, so having users login with a different 
group is not a suitable answer. 

All in all I reckon msec is a worthless pile of dung that should be 
evicted from Mandrake.  It causes more problems than it's worth and is 
trying to make a complex issue far too simplistic, so everything ends up 
being a work-around.  It's the worst part of the distro IMHO.

Anyway if there is no way to achieve this with msec I'm going to just 
write my own script, it's not exactly rocket science, and tell msec not 
to bother with setting permissions.

Thanks,
Ben

P.S. Mandrake 9.1, security level 4

-- 
Ben New
ben at leftclick.com.au

Leftclick Software Development
http://www.leftclick.com.au/






More information about the plug mailing list