|
Page 4 |
|
® 2003 United States Power Squadrons |
|
New Security Mechanism for Member Only Pages |
|
OK, how does it work, how do I use it, and why should I use it? First question, how does it work? At a simple level you need two concepts. First UNIX has the concept of ownership of data and files. Every committee is owned by a webmaster with a logon of the form XXyyy…. Where XX is two capital letters and yyy… is some number of lower case letters. This is your logon which allows you to download or publish pages and other documents. A second part you don’t normally see is that all committee logons belong to a group called “national”. A few committees (notably the ITC) have used alternate logons which are not part of the national group. That however is easy to rectify. OK still with me? Your pages all belong to the group “national”: So what? UNIX lets you set permissions on data at three levels: Owner privileges, group privileges and user privileges. They are read, write and execute privilege. So for each of the three levels you can set privileges. This can be set using ws_ftp by the owner of the data. Directions are provided at the end of this document. Each level is represented by the string rwx for read write execute. If you only want to let one level read you set the “mask” as “r - -“, to read and write “r w –“ and to read, write and execute r w x. These are also represented by numbers for their position. Read = 4, write = 2 and execute = 1. So the ability to read and write = 4 + 2 = 6, and to read, write and execute = 4 + 2 + 1 = 7. Normal permissions for a file are set as r w - r - - r - - or 644 which means the owner can read and write the file, group members can read the file and general users can read the file. Using ws_ftp you can see these attributes displayed for the test directory in the figure below. |
|
Power Byte (continued on page 5. |
|
Secretary’s Department Newsletter |
|
Volume 3, Issue 3 August 2003 |