[rsbac] Disable file deletion.

Amon Ott ao at rsbac.org
Mon Jul 2 16:59:44 CEST 2007


On Monday 02 July 2007 16:45, Sander Klein wrote:
> I'm new to rsbac so this question might be off topic for this list.
>
> I'm looking for a way to have my users upload files (preferably
> using ssh) and not be able to delete or modify them after they have
> uploaded them. Is rsbac capable of doing this?

You can set FF flag APPEND_ONLY - all allowed write accesses are 
CREATE and APPEND_OPEN then. RC and ACL can do the same, and 
additionally allow somebody else different kinds of access.

So you can easily deny RENAME, DELETE and other write accesses. RSBAC 
does not have a "write_once" right, though, so that appends will 
still be possible.

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22


More information about the rsbac mailing list