Proper use of permissions ?
 

This is a general question about proper procedure -- not about individual commands?

I have been using RH9 for a about a year. I am the sole user. I have no network.

When opperating as user I have been using 'su' or changing the permissions on programs as I need them, but it has been rather random -- just changing permissions until I can execute a file as user. I am certain I have changed many permissions unnecessarily.

I usually do a 'whereis' and then 'chmod' and/or 'chown' all the files that show up.

Can someone tell me how to go about this in a more organized or professional manner? Should I change the /usr directory where most of the files/programs I want to use are? Is there a mental checklist of files or directories I should be checking? Should I be using links? When I download can I prevent every file from becoming root? Are there other questions I should be asking myself?

I have googled and gone over my manuals. There is lots of information about how individual commands work, but I can't find anything about an overall approach to making programs owned by root safely available to user (me).

I would appreciate any advice and If you know a good resource that answers these kind of questions that would be very helpful.

Thanks Bill

sorry deleted, my response had been answered in your topic.

i would download as user and then install as user. if you notice a large need for access to a write permission in a dir then i would change the permissions on that dir-the files installed should retain their user permissions, but i left rpm awhile ago because installing from source gives you way more control and less headache in the long run-just read the docs with the tarball and edit any configure script and /or makefile to your situation and su to root to "make install" and it's been good to me. sorry i can't reply as an expert, but this might get things moving a little-i would also try to change as few permissions as possible because you don't know when you might want to let "non root peeps" use your setup-i have a user setup with a bs password in case i want to let someone fool around with linux or do his email or something and i don't have to be concerned-for me as another user, i su when necessary or add myself to a group w/appropriate permissions. get slackware-not nearly as much stuff between you and what you want-good luck.

Thank you for the advice tincat2;

I was hoping someone could suggest a resource, site etc. that would have an administrative strategy approach. The questions I have are too numerous for an individual to take the time to respond to them all.

I include them here as an example of the kind of info I am looking for.

For example, keeping in mind I am a sole user, and don't have network concerns - yet.

Should I set up a seperate guest-user and restrict their access to files so that I can be much freer with my own?

Should I make all my CD-ROM drives, and other hardware available or is there definetly some that should be protected by root even from me?

Should I automatically make download manuals and documents available to me and yelp?

Am I misunderstanding or is there a way to use links to give me access to files will denying it to others?

Does a check list exist that might help me make access decisions, etc.?

I think I fairly well understand how to implement the various permission commands - I am looking for a best use strategy -- probably from the "voice of experience".

Yours Bill

http://www.tldp.org/ This is the Linux Documentation Project, it should have the info you need.

If you expect others to use your machine, yes!


If you have hardware that you and others use, your normal permissions should be sufficient.

All your documents, manuals, etc. should be available to you. If you have others using your machine, you may want to deny admin manuals to them (it won't hurt for them to have them, as long as they do not have the root password).


If the file permissions do not include others, the link will not allow them, either. You can change the permissions for a link, I think, so that you can access them...

I'm not sure of this, but you may find that info at the link I gave you above.

Your 'strategy' will depend upon your needs. There will be a different one depending upon what you intend for your system to do. A desk top system will need one 'strategy', a network system will need another, etc. As you said, it will take the "voice of experience"!:cool: