Slightly OT: Setting privileges on OS-X

Sarah Reichelt sarah.reichelt at gmail.com
Wed Oct 19 19:16:20 EDT 2005 

> Are there Unix-wizzkids out there?
>
> I've created a small RR app that creates a bunch of standard folders
> (like the list below) where users can drop job-related items in.
>
> Now I need to secure these folders, but not the content...
> The folders I create may not be deleted by a user, only by the owner,
> which will be me :-)) but the users are allowed to create new folders
> or files in the basic folders. These files and folders they should be
> able to change, delete, rename, etc.
>

Hi Ton,

I don't claim to be a Unix-wizzkid at all, but I have learnt some
stuff about privileges.

Each file or folder in Unix / OS X has 3 sets of privileges: owner,
group & guest.
There are 3 settings in each set: read, write and execute (r, w & x).

If you open a Terminal window and type "ls -l" and press Return, you
will see a list of items in the current folder. The first section of
the data shows the current privilege settings.
Here is an example:
-rwxr-xr-x    a file where the owner can do anything (rwx) , the group
can read & execute but not write (r-x) and guests (anyone else) can
also read & execute but not write (r-x).

If the first character was "d" instead of "-", then it would be a
folder (directory).

To change these settings, you need to use the "chmod" command.
To add write privileges for all users to a file, use a command like this:
     chmod a+w filename
To remove write privileges, use this:
    chmod a-w filename

However this does not stop people deleting your files or folders. To
make a folder "sticky" i.e. make it so that users other than the owner
can only add files and not delete them, use this command:
    chmod +t foldername

To make files undeletable, I would use an AppleScript to toggle their
"locked" setting:
Here is an example that asks for a file, then locks it so it cannot be deleted.

tell application "Finder"
	set tFile to choose file
	set the locked of file tFile to true
end tell

I hope this helps, but please email me directly if you think I can be
of any further assistance.

Sarah

More information about the use-livecode mailing list