Tom Strickland <[EMAIL PROTECTED]> writes:
> On Fri, Jul 27, 2001 at 12:43:03PM +0200, Johannes Niess wrote:
[...]
> > What about sudo? The recovered files keep owner and permissions. Let
> > the operator's sudo to the (too powerfull in this case) Amanda user
> > just for amcheck, amrecover and what else you like. You'll see their
> > actions in the syslog. The good thing: no password for the Amanda user
> > has to be given away.
> > We have set up just our tape changing that way.
>
> Good idea. I think that we will do this, but I have one more
> question. What about the "set owner to '.'" bit? Couldn't they just
> choose their home directory and set the ownership of the file to
> '.' there? Perhaps I've misunderstood the feature...
This is from my "info chmod":
"
In addition to the three sets of three permissions listed above, a
file's permissions have three special components, which affect only
executable files (programs) and, on some systems, directories:
1. set the process's effective user ID to that of the file upon
execution (called the "setuid bit"). No effect on directories.
2. set the process's effective group ID to that of the file upon
execution (called the "setgid bit"). For directories on some
systems, put files created in the directory into the same group as
the directory, no matter what group the user who creates them is
in.
3. save the program's text image on the swap device so it will load
more quickly when run (called the "sticky bit"). For directories
on some systems, prevent users from removing files that they do
not own in the directory; this is called making the directory
"append-only".
"
Unix would not have survived that long if your fears where true. :-)
HTH,
Johannes Niess
