Comments inline below: On Thu, 24 May 2001 hugoat_private wrote: > What I'd like is to have a nested set of permissions: > > Set (A): Some subset of all users -- able to set transient events > > Set (B): Some subset of (A) -- able to set permanent events > > I can see a couple of ways of achieving this: > > 1) Have two groups (say, tsperm and tstemp) which grant access to the > appropriate configuration directory (the dirs are root.ts(perm|temp) > drwxrwx--t). -- This allows the user to edit directly their > configuration files. This allows the users in Set A to set permanent events - all they have to do is have their transient event write a new event file to the spool directory. > 2) Have two groups granting access, and check users' membership of the > appropriate group before allowing them access to the spool dirs (which > are root.root drwx------). -- This requires a suid-root program. > > I *think* that option 2 is the one to go for, but I'm not sure. My instincts say yes. > So... my questions are: > > Which of the above options is the best in terms of secure design? > Are there any other sensible options I've missed? Possibly, whenever an event executes, search in /home/*/.scheduler-eventname for a script to run for the appropriate user? I'm not sure if I like this as much as option 2 though. For example, on my home system I search certain users' homedirs for ~/bin/autoexec scripts that I will run on bootup. > What pitfalls should I try to avoid in implementing this design? See above M. -- VBScript is designed to be a secure programming environment. It lacks various commands that can be potentially damaging if used in a malicious manner. This added security is critical in enterprise solutions. -- support.microsoft.com
This archive was generated by hypermail 2b30 : Fri May 25 2001 - 12:10:39 PDT