As long as you are talking about a data account, you should be fine. Be
very careful changing the permissions on any of the UV directories.

If your system is used by users who do not need access or should not
have access to UV then I would create a uvusers group, which you can
then add users who are entitled to access the database to.

e.g. /etc/group
     501:x:uvuser1,uvuser2 etc..

    -rw-rw---- root  uvusers UV.DATA.FILE
    -rwxrws--- root  uvusers UV.DATA.DIRECTORY

The 's' indicates that any files created in the directory get assigned
the group who owns the directory and can be set with chmod 2770
directory name.

find . -type d -exec chmod 2770 {} \;
find . -type f -exec chmod 660 {} \;

The users umask should be set to 007 if the login profile, or the LOGIN
paragraph.

Phil.


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brutzman, Bill
Sent: Thursday, 16 February 2006 1:15 p.m.
To: u2-users@listserver.u2ug.org
Subject: [U2] Unix Security

In the name of enhacing security, I want to change UniVerse file
rights...  

    from   -rwxrwxrwx   root   test    UV.DATA.FILE 
    to     -rwxrwx---   root   users   UV.DATA.FILE 

Will end-users be able to do their transactions?
Will the print applications work?
Are there any special considerations for UV?

Suggestions would be appreciated.

--Bill
-------
u2-users mailing list
u2-users@listserver.u2ug.org
To unsubscribe please visit http://listserver.u2ug.org/
-------
u2-users mailing list
u2-users@listserver.u2ug.org
To unsubscribe please visit http://listserver.u2ug.org/

Reply via email to