Results 1 to 3 of 3
Hi Team, I want to set permissions to one folder in such a way that the user can write files or create folder inside that but should not able to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 07-30-2012 #1
- Join Date
- Apr 2011
I want to set permissions to one folder in such a way that the user can write files or create folder inside that but should not able to delete it.
Basically reason behind this is i am using Pidgin Messenger. There is a directory of logs in which, when user chat its store his logs. Users delete the logs from going in the directory. Our management need to track the logs, whether users are using it for official use OR using for personal chat.
Please tell me the way through i can set permissions OR any alternate way to do this.
Thanks & Regards,
Last edited by paragnehete; 07-30-2012 at 07:16 PM.
- 07-30-2012 #2
You cannot do this with folder permissions.
There is the +a (append only) flag in chattr, but that wouldnt stop someone from emptying the log files (instead of deleting them).
One could set up an inotify daemon and write some script/logic to upload the logfiles everytime they get bigger
and if they get smaller (the user deleted them), archive the uploaded file and start a new one.
But this whole idea is ...pointless, and I am not even talking about ethical and legal points, only technical.
Unless you spend *a lot* of effort to make this foolproof, it -well- isnt:
Your users figured out, they are spied upon. Thatīs why they delete their logfiles.
One can easily imagine, that
- They find the button that disables chat logs entirely.
- Or change the $PURPLEHOME Using Pidgin
- Or use a crypto plugin Off-the-Record Messaging
- Or use a different instant messenger.
- Maybe a web based IM?
As you can see: Even if this upload script would be in place, there are multiple ways to render it useless.
And you cannot even claim bad attitude. Some like pidgin, others trillian. Why not?
If you/your management really wanted to go forward with this, then you would need to setup fully controlled workstations (install, app deploy, app config, logging, etc), along with network surveilance and harsh blocking lists.
P.S.: I wouldnt want to work in such an environment, but thatīs just me.
And everyone I know.
To go on:
Say, everything is in place. The user can only execute certified apps, the evil internet is blocked and every action logged.
But wait. What about smartphones?
A user can chat with those also.
No worries, new rule: All electronic gadgets have to be deposited at the entrance.
But we are still talking about a workplace, not a prison, right?
Please dont take it personal, I do not intend to mock you.
But I do find the request from your management hilariously shortsighted, so I just took that scenario and added a few thoughts.
Last edited by Irithori; 07-30-2012 at 09:25 PM.You must always face the curtain with a bow.
- 07-30-2012 #3
Sounds like where I work at.
You want all time low morale?
If the job market was better the place would have a mass exodus.
I understand the need to somewhat control the amount of time spent on non-work but when you slam the hammer down it tends to cut productivity to a lower level then what you have now.