Re: Permissions question (follow up)
Re: Permissions question (follow up)
- Subject: Re: Permissions question (follow up)
- From: John Scalo <email@hidden>
- Date: Tue, 03 Dec 2002 19:41:41 -0800
The solution for me appears to be to use a permissions mode of 771 instead
of 770 on the directory that I don9t want the user to browse into. Having
the execute bit set on the folder allows processes to traverse into them and
work with the files inside (assuming their permissions are set adequately)
yet a non-admin user will not be able to browse inside that folder from the
Finder or Terminal (or any directory browsing app for that matter). They
would have to know the names of the files inside in order to delete them.
The suggestion of simply making the folder invisible is a good one, but has
the downside of not allowing legitimate admin users to browse inside from
the Finder, and in my case they might need to check on the files in this
folder.
Cheers,
John
On 12/2/02 11:18 PM, "John Scalo" <email@hidden> wrote:
>
I have a situation where I need a user-level process to be able to read,
>
write, and create some files, but want to prevent the user (non-admin) from
>
seeing or deleting those files in the Finder. My thought is to put these
>
files inside a folder with mode=777, but to have that folder inside another
>
with mode=770.
>
>
So for example
>
>
/Library/Application Support/My App/Restricted Data/files.*
>
775 775 770 777 777
>
>
This succeeds in keeping the user from browsing into the My App folder in
>
the Finder, but will a non-admin process (that is, one launched by a
>
non-admin user) have free rein inside the Restricted Data folder or are
>
suitable permissions required all the way up the path?
>
>
Thanks!
>
John
>
_______________________________________________
>
cocoa-dev mailing list | email@hidden
>
Help/Unsubscribe/Archives:
>
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
>
Do not post admin requests to the list. They will be ignored.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.