[rsbac] Disable file deletion.
Amon Ott
ao at rsbac.org
Mon Jul 2 16:59:44 CEST 2007
On Monday 02 July 2007 16:45, Sander Klein wrote:
> I'm new to rsbac so this question might be off topic for this list.
>
> I'm looking for a way to have my users upload files (preferably
> using ssh) and not be able to delete or modify them after they have
> uploaded them. Is rsbac capable of doing this?
You can set FF flag APPEND_ONLY - all allowed write accesses are
CREATE and APPEND_OPEN then. RC and ACL can do the same, and
additionally allow somebody else different kinds of access.
So you can easily deny RENAME, DELETE and other write accesses. RSBAC
does not have a "write_once" right, though, so that appends will
still be possible.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list