From owner-freebsd-questions Mon Nov 19 14: 7:25 2001 Delivered-To: freebsd-questions@freebsd.org Received: from guru.mired.org (okc-65-31-203-60.mmcable.com [65.31.203.60]) by hub.freebsd.org (Postfix) with SMTP id D60DF37B418 for ; Mon, 19 Nov 2001 14:07:19 -0800 (PST) Received: (qmail 62277 invoked by uid 100); 19 Nov 2001 22:07:25 -0000 From: Mike Meyer MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15353.33437.744317.153424@guru.mired.org> Date: Mon, 19 Nov 2001 16:07:25 -0600 To: jaime@snowmoon.com Cc: questions@freebsd.org Subject: Re: Writable directory except for a given user In-Reply-To: <97636347@toto.iv> X-Mailer: VM 6.90 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG jaime@snowmoon.com types: > I'm trying to make a directory available to a group of users equal > to all users _minus_ a given list. I know that I can use /etc/group and > chgrp and chmod to allow something to be writable to approved users. > However, I don't know how to do this as a "blacklist exclusion" approach. > Unfortunately, I have to allow all users except for a handful to access a > directory. > > Does anyone have a tip for this? Sure - create a group that you put all users in by default, and then take blacklisted users out of it. Note that the obvious solution - of putting blacklisted users in a group, the giving the directory in question to a group with readable other permisions and no group permissions - doesn't work. Last time I checked, it was trivial to take yourself out of a group. http://www.mired.org/home/mwm/ Q: How do you make the gods laugh? A: Tell them your plans. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message