Sorry for replying to an old thread but... Just to repeat the problem:
Suppose you put info on a Netapp that wasn't supposed to be stored online. It gets into a snapshot. You can't delete it from the snapshot, because snapshots are read-only. You can delete the snapshot, but what if your users need the snapshot for other reasons?

What doesn't work: You can try to set the permissions of the parent directory to be 0000 so nobody can get to it from /home/$USER/path/to/the/.snapshot/*/file (for example, set "to" to mode 0000).

Why doesn't that work? People can get to the file through this path instead:
/home/$USER/.snapshot/*/path/to/the/file

Here's the new information that I have: You can disable the ability for people to view snapshots until the snapshot has expired and been deleted naturally. Presumably this doesn't affect your backup and other systems. If, during that time, someone needs access to snapshotted data, you can enable it briefly and re-disable them. Thereby reducing the risk window.

Tom

On Wed, Apr 28, 2010 at 8:06 PM, Edward Ned Harvey <[email protected]> wrote:

> I hope you like academic exam questions, long since after you completed your
> degree. ;-)
>
> Here's a new question for netapp admins:
>
> (as root)
> mkdir -p a/b/c
> echo "secret info" > a/b/c/info.txt
> chmod 777 a
> chmod 700 a/b
> chmod 777 a/b/c
> chmod 666 a/b/c/info.txt
>
> Now, a normal user should not have any access to info.txt because they get
> blocked by the 700 perms at the "b" directory. But if the file were moved
> outside the "b" directory, or if the perms were more permissive on the "b"
> directory, then normal users could have access. The only obstacle stopping
> users from accessing "secret info" are the 700 perms on "b" directory.
>
> Create snapshot.
>
> echo "public info" > a/b/c/info.txt
> Now, do one of the following:
> mv a/b/c a/c
> or
> chmod 777 a/b
>
> By doing this, normal users have been granted access to info.txt, but if
> they read it, they'll only see "public info."
> But the question is: Can a
> normal user access "secret info" in either a/c/.snapshot, or in
> a/b/c/.snapshot?
>
>
> _______________________________________________
> Tech mailing list
> [email protected]
> http://lopsa.org/cgi-bin/mailman/listinfo/tech
> This list provided by the League of Professional System Administrators
> http://lopsa.org/
>

--
http://EverythingSysadmin.com -- my blog
http://www.TomOnTime.com -- my advice
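The permission check behind the message above, as an added example that is not part of the original thread. It walks each path component and tests only the "other" mode bits (owner, group and ACLs are ignored). The temporary tree, the snapshot name `hourly.0`, and the use of a plain copy as a stand-in for the filer's read-only snapshot are all constructed assumptions.

```python
import os
import shutil
import stat
import tempfile


def other_can_reach(root, relpath):
    """True if a user matching only the 'other' bits can read relpath under root.

    Needs o+x on every directory component and o+r on the final file. Stops at
    the first component that denies access, as the kernel's path walk would.
    """
    parts = relpath.split("/")
    cur = root
    for i, name in enumerate(parts):
        cur = os.path.join(cur, name)
        mode = os.lstat(cur).st_mode
        need = stat.S_IROTH if i == len(parts) - 1 else stat.S_IXOTH
        if not mode & need:
            return False
    return True


def demo():
    """Return (reachable via live tree, reachable via root-level snapshot)."""
    home = tempfile.mkdtemp()                       # constructed stand-in for /home/$USER
    live_to = os.path.join(home, "path", "to")
    snap = os.path.join(home, ".snapshot", "hourly.0")  # hypothetical snapshot name
    try:
        os.makedirs(os.path.join(live_to, "the"))
        os.makedirs(snap)
        with open(os.path.join(live_to, "the", "file"), "w") as f:
            f.write("should not be online\n")
        # Set modes explicitly so the result does not depend on the umask.
        for d in ("path", "path/to", "path/to/the", ".snapshot", ".snapshot/hourly.0"):
            os.chmod(os.path.join(home, d), 0o755)
        os.chmod(os.path.join(live_to, "the", "file"), 0o644)
        # "Take the snapshot": the copy keeps the modes in force at that moment.
        shutil.copytree(os.path.join(home, "path"), os.path.join(snap, "path"))
        # The attempted fix: lock down the live parent directory afterwards.
        os.chmod(live_to, 0o000)
        return (other_can_reach(home, "path/to/the/file"),
                other_can_reach(home, ".snapshot/hourly.0/path/to/the/file"))
    finally:
        if os.path.isdir(live_to):
            os.chmod(live_to, 0o700)                # restore so cleanup can descend
        shutil.rmtree(home)


if __name__ == "__main__":
    print(demo())
```

The live route is cut at "to", while the route through the top-level snapshot directory only ever meets the directory modes captured at snapshot time.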
