Is it possible / how can I?

I have two directories "money" and "assets".

I have two users, "jonn" and "jean".

I "need" john and jean to share a login called "post".

I want John and Jean to use this "post" login to be able to write a file to folders called "money" and "assets".

I don't want them to be able to "read" files in either directory.

I tried chmod 400 and that didn't work. They couldn't write a file to the directory.

What permissions can I give / assign so that they can write a file but they can't read any other files? Remember, there are different directories that they will "write" the files to.



No doubt you can change file and directory permissions on files such that when you upload a file via ftp, it uploads fine but isn't visible to the uploader.

Anybody?

Permission masks are additive- 4 2 1 0 (read) (write) (execute) (none) and the sections are [special][owner][group][everyone]

So read and write is 4+2=6, read and execute is 4+1=5, etc.

In the case of permissions its moot if 1 person or 10 access an account unless they're logins. In this case it appears you have 1 login (post) and two directories (money/assets).

So --

Make sure post exists as a user and as a group.([special][owner][group][everyone] 2730= (Special:SetGID, Read/Write/Execute, Write/Execute, None))

A directory must have execute permissions for a user to be able to change directory something where that permission set is applied... so you need a 1 and you want the ability to write so 2, 1+2=3.

If jonn and jean had an account each you could add them to the post group and their users could write there but not read the directory.

If this isn't clear wikipedia has a good write up on permissions in unix under the chmod entry.

1 members found this post helpful.

Wow, I think that did it! Even the local linux guru didn't know how to achieve this.

Of course I thought chmod could only be 3 digigts, ie. 664, etc.

Thanks for your help!

When you use 4 digits with chmod, the first digit is a special thing that does not correspond to the normal read/write/execute permissions. You'll have to look up the special permissions and read about them if you want to use them properly.

The "special" one is 4- setuid, 2 setgid, 1 sticky bit... (the last of which is mostly depreciated.) Setgid helps keep permissions sane and consistent in a case like this. There are more details on the wikipedia article if you want to follow up on it. Even the three digit 730 would have worked... you'd just have potentially had permission issues over time if other apps/people/etc were writing to the directory. Setgid will help keep things in those directories writable by post.

Don't forget if you have trouble with the bit mode of setting perms you can also do it by letter-- chmod u+rwx (owner add read write execute) chmod g-r (group no read) chmod o-rwx (others remove all access) chmod a+rwx (all perms to read, write, execute). The one really neat one is chmod a+X which basically sets the execute bit ONLY on directories (so anyone can cd to them but potentially not read/write them if they have no permissions) without setting file permissions, typically people use a find to perform that operation but it's actually a chmod built-in too.