LinuxQuestions.org
Old 03-02-2015, 02:05 PM   #1
maas187
Member
 
Registered: Aug 2008
Location: Yemen
Distribution: Fedora, CentOS, RedHat , OpenFiler, ESXI
Posts: 225

Rep: Reputation: 32
File Permissions.


Hey guys.

A quick question: I have a folder with perm 755; however, I need any newly created file in that directory to have the permissions 222 (write only).

Folder: foo (755)
File: foo/me.txt (222)

I need it to be automatic - not a manual chmod.

Note:
FS = ext3
OS = CentOS6
SElinux - Disabled (not planning to use it)

Thanks guys
 
Old 03-02-2015, 02:26 PM   #2
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513
There is no purpose to a write only file...

If you can write to it, you can replace the contents.
 
Old 03-02-2015, 03:22 PM   #3
Ihatewindows522
Member
 
Registered: Oct 2014
Location: Fort Wayne
Distribution: Ubuntu 16.04 LTS
Posts: 616
Blog Entries: 2

Rep: Reputation: 166
I have a script running on my cloud server that runs chmod 777 on all the files on its SMB share. Goes something like this:

Code:
#!/bin/bash
#chperms.sh
func() {
sudo chmod 777 -R ~/smbserver
sleep 5
func
}
func
The script will quit every 24 hours or so, but it works while the script is going.
 
Old 03-02-2015, 03:44 PM   #4
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 286

Rep: Reputation: 91
Read the documentation about umask: this specifies the permission bits to be subtracted from newly created files and directories. After

Code:
umask 555 # do not try this at home, useless
you get -w--w--w- files and directories. This is useless, because they cannot be accessed. It is also not secure, because the owner (=creator) can change permissions with chmod.
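
An added example, not part of cepheus11's post: it creates a file and a directory under a given umask, reports their modes, then shows the owner undoing the restriction with chmod. The scratch directory and the names me.txt and sub are constructed; note that umask is a per-process setting, so it applies to everything the process creates, not only to files under one directory.

```shell
#!/bin/sh
# Added illustration; file and directory names here are constructed.

# Print the 10-character mode string (e.g. --w--w--w-) of a path.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Create a file and a directory under the given umask, then print:
#   <file mode> <directory mode> <file mode after the owner runs chmod>
umask_demo() {
    mask=$1
    # Scratch directory is made under the caller's normal umask so that
    # we can still enter it and create entries inside it.
    work=$(mktemp -d) || return 1
    (
        cd "$work" || exit 1
        umask "$mask"     # per-process: only this subshell is affected
        : > me.txt        # files are requested as 0666, minus the umask
        mkdir sub         # directories are requested as 0777, minus the umask
    ) || return 1
    file_mode=$(mode_of "$work/me.txt")
    dir_mode=$(mode_of "$work/sub")
    # The creator owns both objects, so the restriction is not a control:
    # a plain chmod by the owner puts read access back.
    chmod 644 "$work/me.txt"
    chmod 755 "$work/sub"
    after_mode=$(mode_of "$work/me.txt")
    rm -rf "$work"
    echo "$file_mode $dir_mode $after_mode"
}

umask_demo 555
umask_demo 022
```

With umask 555 the directory also comes out as d-w--w--w-, which has no search (x) bit, so nothing inside it can be reached by a non-root user until the mode is changed.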
 
Old 03-02-2015, 03:45 PM   #5
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513
You should be getting errors with that... like "stack overflow"

And it is rather insecure - as anyone can change anything in the tree. Even add viruses.
 
Old 03-02-2015, 03:48 PM   #6
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,912

Rep: Reputation: 1513
Quote:
Originally Posted by Ihatewindows522
I have a script running on my cloud server that runs chmod 777 on all the files on its SMB share. Goes something like this:

Code:
#!/bin/bash
#chperms.sh
func() {
sudo chmod 777 -R ~/smbserver
sleep 5
func
}
func
The script will quit every 24 hours or so, but it works while the script is going.
Sorry - should have quoted:

You should be getting errors with that... like "stack overflow". Normally you would do a two pass operation as
Code:
sudo chmod 777 -R ~/smbserver
sudo chmod 777 -R ~/smbserver
Instead of using a recursive script without a termination test...

And it is rather insecure - as anyone can change anything in the tree. Even add viruses.
 
Old 03-02-2015, 04:44 PM   #7
maas187
Member
 
Registered: Aug 2008
Location: Yemen
Distribution: Fedora, CentOS, RedHat , OpenFiler, ESXI
Posts: 225

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by jpollard
Sorry - should have quoted:

You should be getting errors with that... like "stack overflow". Normally you would do a two pass operation as
Code:
sudo chmod 777 -R ~/smbserver
sudo chmod 777 -R ~/smbserver
Instead of using a recursive script without a termination test...

And it is rather insecure - as anyone can change anything in the tree. Even add viruses.
Hi guys,

Thanks for the update - creating a script and cronning it will work, there must be a way of doing

In addition - if the option is there, then there is a use for it. You can change content only if you know what file you are changing.

I am looking into sgid or sticky node, but it does not seem to work.


I was just wondering if this could be done.

Thanks again .
 
Old 03-04-2015, 04:43 AM   #8
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 7,309
Blog Entries: 3

Rep: Reputation: 3721
incron / inotify

Quote:
Originally Posted by Ihatewindows522
I have a script running on my cloud server that runs chmod 777 on all the files on its SMB share. Goes something like this...
The script will quit every 24 hours or so, but it works while the script is going.
Or you could install incron and have an incrontab set to run any time a file is added to the directory. That way there will be little to no delay.
 
Old 03-04-2015, 04:43 AM   #9
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 7,309
Blog Entries: 3

Rep: Reputation: 3721
incron / inotify

Edit: PHP error on the site caused a duplicate post.

Last edited by Turbocapitalist; 03-04-2015 at 04:47 AM.
 
Old 03-13-2015, 04:25 PM   #10
Ihatewindows522
Member
 
Registered: Oct 2014
Location: Fort Wayne
Distribution: Ubuntu 16.04 LTS
Posts: 616
Blog Entries: 2

Rep: Reputation: 166
Quote:
Originally Posted by jpollard
Sorry - should have quoted:

You should be getting errors with that... like "stack overflow". Normally you would do a two pass operation as
Code:
sudo chmod 777 -R ~/smbserver
sudo chmod 777 -R ~/smbserver
Instead of using a recursive script without a termination test...

And it is rather insecure - as anyone can change anything in the tree. Even add viruses.
If they can get past the layers of security. User names are cryptic, and the passwords even more so, and they change regularly. Different users for different services. There is no root account. Only I know the IP, which can change as often as I like. That's just to name a few little security features I have.

Anyone trying to hack it is going to get a surprise. I'm a hacker, I do this for a living. I don't think I have an issue with security at the minute. I also want full control over my files. If I don't give myself permission, I can't access my files from the locations that I would like, or via Tor if I need to.

Also, if I got an error, pretty sure I would modify the script so that I no longer get the error.
 
Old 03-13-2015, 04:36 PM   #11
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=15, FreeBSD_12{.0|.1}
Posts: 6,264
Blog Entries: 24

Rep: Reputation: 4194
Just my opinion, but...

Quote:
Originally Posted by Ihatewindows522
If they can get past the layers of security...
That is only the illusion of security, but no meaningful, manageable, testable security at all...

Quote:
Originally Posted by Ihatewindows522
Also, if I got an error, pretty sure I would modify the script so that I no longer get the error.
Only if you become aware of it before it does actual harm.
 
Old 03-13-2015, 05:02 PM   #12
Ihatewindows522
Member
 
Registered: Oct 2014
Location: Fort Wayne
Distribution: Ubuntu 16.04 LTS
Posts: 616
Blog Entries: 2

Rep: Reputation: 166
Quote:
Originally Posted by astrogeek
Just my opinion, but...
That is only the illusion of security, but no meaningful, manageable, testable security at all...
It means something if it's proven that it works. I can manage it just fine. I've tested it, it works. Are you volunteering to test it?


http://www.merriam-webster.com/dictionary/security

: the state of being protected or safe from harm - pretty sure my server is protected and safe from harm.

: things done to make people or places safe - Strong password, hardware firewall (didn't mention that before), and whatever I added previously. Illusion? Really?? Relative security, yes. Absolute security, absolutely not.

: the area in a place (such as an airport) where people are checked to make sure they are not carrying weapons or other illegal materials - You're checked at the login screen. You fail 5 times you're out for about a minute. A pain to hack unless you are a professional who is familiar with the low-level workings of a UNIX system, and can manipulate it over a network. Very few people can do this, and the vast majority charge big bucks and/or work for the NSA. You're not from the NSA are you? The average script kiddy that would try to hack a SSH server using common login/passwords would utterly fail at this. My password isn't root123, it's more like &UJM5tgb&UIJK<0p;/&^YUHJN (only a little longer). Try that one with ophcrack.
 
Old 03-13-2015, 05:19 PM   #13
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=15, FreeBSD_12{.0|.1}
Posts: 6,264
Blog Entries: 24

Rep: Reputation: 4194
Sorry, it was not my intention to upset you, and I know nothing about your security except what was stated in previous posts here.

Based on that information, and especially with what you have added, I would stand by my observation that you are at least partly operating under the illusion of security.

My comments were intended to be helpful to yourself and anyone else who might read this thread, not to pick an argument, so I'll step out now.

Best of luck to you!
 
  

