Questions tagged [access-control]
The access-control tag has no summary, but it has a tag wiki.
187 questions
1vote
0answers
15views
Solaris 10 rbac: works fine but not for fdisk
I edit prof_attr Altro-prof:RO::\ Altro prof: I assign some commands for "altro-prof" vim exec_attr Altro-prof:solaris:cmd:RO::/usr/sbin/prtvtoc:uid=0 Altro-prof:solaris:cmd:RO::/usr/sbin/...
- 13.6k
0votes
0answers
85views
Bitmask permissions
It's a tutorial problem in a Linux course: The command ls -la / gives this result: total 72 drwxr-xr-x 19 root root 4096 Apr 15 23:39 . drwxr-xr-x 19 root root 4096 Apr 15 23:39 .. lrwxrwxrwx 1 ...
7votes
1answer
1kviews
Cannot open an HTML file stored on RAM-disk with a browser
I wrote a script that generates a PDF and an HTML file on RAM-disk: The PDF file can be opened as expected. The HTML file can be opened with an editor, but not with a browser. This is the error ...
- 653
0votes
0answers
51views
Firejail video access from shell
I have been playing around with firejail and tried to get a profile, where access to the webcam is blocked. I tried this with 'cheese' as an application, which shows the webcam and found --novideo in ...
0votes
0answers
67views
You don't have write permission to backup destination
Debian 12, using whatever the built-in backup system is. I have it set to back up to an external drive that's dedicated to this purpose. When I hit the button to do a backup, it says I don't have ...
- 101
0votes
0answers
44views
Prevent a program from writing the HOME directory using SMACK
I have a binary program that creates an empty folder in the HOME directory everytime it starts up. I don't like that and want to use the SMACK mechanism to stop it from doing that. My idea is to label ...
0votes
1answer
731views
Apache 2.4: Restrict access to reverse proxy by IP range, and redirect requests from all other hosts
We have a front-end proxy server that serves pages from a back-end website (both running Apache 2.4): # Apache config snippet from frontend server SSLProxyEngine on ProxyPass "/blah" "...
- 451
1vote
1answer
73views
Restrict login to the active user
How can I restrict login so that only I can log into my linux machine, and only directly into the console (active user) I do not want anyone, including me, to be able to log in remotely. Are there ...
- 13
1vote
1answer
51views
ssh-jailed access restrict all groups, but allow one group
Requirement ssh-jailed access restrict all groups, but allow one group. login to VM-GP324911 for users in GP324911, deny others. login to VM-GP9e68e for users in GP9e68ea, deny others. login to VM-...
- 27
1vote
3answers
1kviews
How to restrict user login for specific IP-address (private address)?
I have two users on my ssh-server machine, user_A and user_B. user_B is permitted to log in with private key only for security reasons, because he needs to log in from remote. All this works. My ...
- 113
1vote
1answer
290views
Restrict access to SocketCAN to a certain user group
I have a PC to which a robot is connected via CAN (using SocketCAN). I'd like to control who can send commands to the robot, ideally through a group (i.e. only users who are in the "use_robot&...
- 272
0votes
0answers
111views
Accessing OneDrive Folder on ElementaryOS
I have a computer with Windows 11 and Elementary OS 7. I can't access my OneDrive folder. I tried fsutil reparsepoint delete "C:\Path\To\OneDrive\Folder" but it output an access permission ...
3votes
1answer
813views
What effect has "+:ALL:cron crond" in /etc/security/access.conf?
I am refining our rules in /etc/securiy/access.conf. I found the following rule and I am not sure what it is used for: +:ALL:cron crond According to the man page of access.conf it means something ...
0votes
1answer
110views
What is the best way to manage multiple access using same user?
Scenario: We have a couple of Ubuntu servers, each with a single user. The user account has some specific software that bind to the host IP address and a specific port (we cannot change the port ...
- 109
0votes
1answer
453views
Limiting sudo access for certain tasks
I am trying to implement an functionality where I need to limit the acccess of user that currently has sudo permissions to certain processes or files. I need the user to be able to certain tasks like ...
