isolating files from users
Tuesday, 13 May 2008 11:45 am by noelposted in tech | tags: file ownership, file permissions, linux, samba, tech, work
givens:
server is running samba on linux; users are on windows
problem:
a single or group of files need to be “isolated” from the users, i.e. certain executables, malware, spyware, etc. on the server.
it files cannot be deleted yet because the malware in the users’ computer will jusT recreate them. a remedial solution is to set the file permissions of the files to non-readable; non-executable and the file ownership ‘root’. once the workstations are cleaned then the files can be deleted.
commands:
- go to the top of the shared subdirectory
- set the ownership and file permissions using the commands below; ‘research/’ and ‘root.root’ are examples, change to what applies to your setup
$ find research/ -iname *.exe -exec chmod 0000 {} \;
$ find research/ -iname *.exe -exec chown 'root.root' {} \;
