Gang Xu wrote:
Hi, all~
I have a question:
normal users how to restrict root permition of a file(own by normal user)?
[background]:
Kernel 2.6.7 (compile with ACL)
mount / with acl option
skywind is a normal user in system
[object]:
normal user skywind restrict root's read permition by using ACL.
[detailed]:
skywind@localhost:~$ cat 123 > /tmp/test
skywind@localhost:~$ chmod 700 /tmp/test
skywind@localhost:~$ setfacl u:root:--- /tmp/test
skywind@localhost:~$ su -
localhost:~# cat /tmp/test
123
localhost:~#
[result is:]
root can read the /tmp/test
Why?
I don't want root read the /tmp/test
How to do?
Could anyone help me?
Very very thankx~~~~~
:-)
Root is the ultimate administator on your system. It can access ALL
files, processes and software packages. The only method is to use file
encryption, which may or may not be a good idea, to block access to your
files. If you own the system, then you should not worry about root user
level access. No one should ever log onto your system as root, unless
absolutely necessary.
James McKenzie
--
Skywind
