NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ReadyNAS102 - protection of truecrypt-file against delete
All my data on RN102 are saved in one truecrypt-file -"truecrypt_dad"- created on a laptop (OS Debian 8). This means that the RN102 manages only one file -"truecrypt_dad"-. With the below described ...
Try changing the permissions on the dad directory so that the group doesn't have write permission.
Thank you for your reply.
Both users "dad" and "mom" shall access to the file "truecrypt_dad". Only the user "dad" shall have the permission to delete "truecrypt_dad".
The question is: why is the user "mom" allowed to delete the "truecrypt_dad" if there are no permissions to rename it and move it into trash? Why is "DELETE" still active? I cannot understand this behavior.
If "DELETE" would not be active than everything would be fine for me.
merlinux16 wrote:
Why is "DELETE" still active? I cannot understand this behavior.
Linux doesn't have a separate "delete" permission. Deleting a file is done by modifying the folder the file is in. If you give someone write permission to that folder, then you are giving them permission to delete the files in it.
You are allowing mom the ability to write to /data/dad (since anyone in the parents group has that permission).
- Thank you for your reply. I modified the permission structure of folder "dad" as suggested by you and eliminated the write permission for group parents. Now /data/dad has "drwxr-x--T+" instead of "drwxrwx--T+". Owner and group are "dad" and "parents" as before. Unfortunately the user "mom" has still the possibility to delete all files! The only change is that (obviously) no new files can be created by "mom". The only possibility to avoid that the group "parents" delete something in /data/dad is to set "read only" in the window "network access" of share "dad" on the NAS-web-administration-surface. But in this way the user "mom" cannot work anymore with file "truecrypt_dad". I have the impression that the settings in "network access" of each NAS share have the right of way compared to the standard Linux permissions. According my understanding the NAS-system is given write permissions to the group parent in the folder "dad", even if the permissions structure is modified into "drwxr-x--T+". Do you see any possibility to solve my question? Thank you in advance for your support.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
