Question on file mode 777 - Aix

This is a discussion on Question on file mode 777 - Aix ; Is that possible to set all files' mode to 777 automatically ? My problem was there is a specific directory in which any apps can create their app-related files. Different users from different groups need to come in and do ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Question on file mode 777

  1. Question on file mode 777


    Is that possible to set all files' mode to 777 automatically ?
    My problem was there is a specific directory in which any apps can
    create their app-related files. Different users from different groups
    need to come in and do the read/write to the files. Read operation is
    okay; problem is with the write.
    Is there any UNIX setup to achieve this or other way to get it done?

    My requirement is change the file to 777 automatically once file is
    successfully landed in the directory. This way user from different
    group can write to the file that someone created successfully.

    Thanks in advance


  2. Re: Question on file mode 777

    pyi thar wrote:
    > Is that possible to set all files' mode to 777 automatically ?
    > My problem was there is a specific directory in which any apps can
    > create their app-related files. Different users from different groups
    > need to come in and do the read/write to the files. Read operation is
    > okay; problem is with the write.
    > Is there any UNIX setup to achieve this or other way to get it done?
    >
    > My requirement is change the file to 777 automatically once file is
    > successfully landed in the directory. This way user from different
    > group can write to the file that someone created successfully.
    >
    > Thanks in advance
    >


    Seems like you are planning a mess.
    Have you thought about how to avoid different processes and users
    messing up each others files, be it by accident or intention?

    Some helpful direction could be:
    Let users of one group create the files (with mode 755 e.g.) and write
    to and then close them and "chown" them to a different group (which they
    also have to be members of) when they are finished. That second group of
    users could then do their own modifications, being able to identify the
    files that are ready for them by the files' group id.

    If you want to stick to your original plan, have a look at the umask
    command or system call, and prepare yourself for shooting your foot.

  3. Re: Question on file mode 777


    Joachim Gann написа:
    > pyi thar wrote:
    > > Is that possible to set all files' mode to 777 automatically ?
    > > My problem was there is a specific directory in which any apps can
    > > create their app-related files. Different users from different groups
    > > need to come in and do the read/write to the files. Read operation is
    > > okay; problem is with the write.
    > > Is there any UNIX setup to achieve this or other way to get it done?
    > >
    > > My requirement is change the file to 777 automatically once file is
    > > successfully landed in the directory. This way user from different
    > > group can write to the file that someone created successfully.
    > >
    > > Thanks in advance


    Hi,
    First, as noted above, never put 777 to file/directory.
    Now, about your problem. I think you can at least higher the security a
    little in your scenario. Create a group and assign all the users you
    want to be able to change the files in this specific directory as
    members of this group. Second - change the group owner of the directory
    to this newly created group
    chown user:group dir_name
    Third - set SVTX permission bit to this directory -
    chmod +t dir_name
    Now, everybody can change the files, but at least cannot remove them
    unless he is the owner of the file or the directory. If you want to be
    sure that everybody is able to read/write the files - set also SGID to
    the directory -
    chmod g+s dir_name
    That way every newly created file will have effective group owner the
    same, as the group owner of the directory, that the file reside in.
    Finally, you have to assure that every newly created file will have the
    77* permission - to do this change default umask value . Also, if you
    have any existing users, that have umask value different than 77*, and
    these users will need to read/write in this direcotyr, change them
    also. If you have something unclear or you are not sure how to do
    something, just write here.
    Also, performing the actions described above will not prevent user
    member of the group same as the group of the directory, to delete all
    contents of a file, leaving it empty :-) This kind of considers my post
    as unneeded.... But at least it prevents you from assigning the **7
    permission bit for others - something VERY unwise.


+ Reply to Thread