1 unix system group permissions and advance, 2 unix system permissions on directories, 3 turning off unix system permission checki – Siemens Unix V4.0 User Manual

Troubleshooting

Different System Access Permissions

Product Manual

U7613-J-Z815-6-76

©

S

ie

m

ens

Ni

x

d

o

rf

I

n

fo

rm

a

ti

o

ns

s

y

s

te

m

e A

G

19

95

P

fad

:

D

:\

O

761

3e

6\

u76

13

e.

k

1

1

11.3.1.1

UNIX System Group Permissions and Advanced Server

The effect of setting UNIX system group permissions on Advanced Server files is limited.
In the UNIX system, the group field is used for storing information about file attributes.
When a file is accessed from a client computer, its group may change to reflect its attributes
(for example, to DOS----). Therefore, it is inadvisable to rely on UNIX system group permis-
sions to restrict access to Advanced Server files.

11.3.1.2

UNIX System Permissions on Directories

UNIX system permissions on all directories in the path leading to a file must be at least read
and execute (RX) for users to access files on Advanced Server successfully.

11.3.1.3

Turning Off UNIX System Permission Checking

If the protection of Advanced Server files provided by UNIX system permissions can be
ignored, and if it is appropriate to rely solely on Advanced Server permissions to manage
file access, you can set the IgnoreUnixPermissions keyword to 1 (ignore UNIX system
permissions) in the Advanced Server Registry. This keyword is in the following key:

\SYSTEM\CurrentControlSet\Services\AdvancedServer\FileServiceParameters

This will cause Advanced Server to ignore all UNIX system permissions on files except for
read-only permissions, which are translated into read-only file attributes when client
computers attempt to access files.

Note that the setting IgnoreUnixPermissions=1 is effective only if the UnixQuotas

parameter is set to 0.

For more information about the Advanced Server Registry, see the

“Advanced Server

Registry”

chapter.

11.3.1.4

UNIX System File and Directory Permissions

UNIX system file and directory permissions are assigned by a default set of access permis-
sions on the system upon creation of files and directories. The UNIX system distinguishes
the following three types of users with respect to access permissions:

1. User — If you own a UNIX system file or directory, you can assign it access permissions

for yourself. For example, to prevent unauthorized users from executing a program, you
can assign execute permissions to yourself only.

2. Group — You can assign permissions for other users in your group to files and direc-

tories that you own. When your administrator creates your home directory, you are
automatically assigned to the UNIX system group

other

, as are all others with home

directories. This assignment enables you to share data easily with other network users,
but prevents UNIX system users in different groups from reading or changing your files.

!