Hi all,
Can we fulfill the below requirements using Asustor AS6204RS.
1. Read only permission to files.
2. Read only file should not be copied.
3. Read only file should not be downloaded.
Thanks and Regards,
IT MAW
Read Only Requirement, No copy no download
-
- Posts: 1
- youtube meble na wymiar Warszawa
- Joined: Fri Feb 28, 2020 6:46 pm
- orion
- Posts: 3485
- Joined: Wed May 29, 2013 11:09 am
Re: Read Only Requirement, No copy no download
That's too special. If a user can read, he should be able to copy & download. What's your usage condition?
- father.mande
- Posts: 1817
- Joined: Sat Sep 12, 2015 2:55 am
- Location: La Rochelle (France)
Re: Read Only Requirement, No copy no download
Hi,
You mix two level of rules
File system access rights for files & folders based on Owner / group and others (except for some file system ... like vfat, etc.)
Applications rights that are linked to USER executing the application ... so access for the application are inherited from access attach to the user
so a read only can be attached to the owner of the file or to the group where the user accessing belongs ...
the read access permit any application running under this specific user to read the file with ANY application and copied it to another place if it have the write access right on this new place
so ... to realize you request (it's VERY complicated and need a full real Linux administrator)
... you must combine user owning application (so for ex. refuse execute right for none authorized users) ... so know all of them
... restricted rights for all with an hidden user, so no application without the good user can have a read access to the file
... switch to user (like su for ex.) when other rules have to be applied.
You understand the complexity to be sure that application able to copy (download is more easy to isolate (ex. through chroot)) a file is not missed ...
This imply to restrict applications to the minimum and to understand for EACH how they used files and folders ...
If you are a Linux admin expert ... F.Y.I. Linux ACL are set in the kernel (for x86_64 model) ... so adding the ACL tools (not provide but available in Entware APKG) you can have a better finest approach ... but rules stay the same.
So to be able to, perhaps, help you ... "orion" question is THE question.
Philippe.
You mix two level of rules
File system access rights for files & folders based on Owner / group and others (except for some file system ... like vfat, etc.)
Applications rights that are linked to USER executing the application ... so access for the application are inherited from access attach to the user
so a read only can be attached to the owner of the file or to the group where the user accessing belongs ...
the read access permit any application running under this specific user to read the file with ANY application and copied it to another place if it have the write access right on this new place
so ... to realize you request (it's VERY complicated and need a full real Linux administrator)
... you must combine user owning application (so for ex. refuse execute right for none authorized users) ... so know all of them
... restricted rights for all with an hidden user, so no application without the good user can have a read access to the file
... switch to user (like su for ex.) when other rules have to be applied.
You understand the complexity to be sure that application able to copy (download is more easy to isolate (ex. through chroot)) a file is not missed ...
This imply to restrict applications to the minimum and to understand for EACH how they used files and folders ...
If you are a Linux admin expert ... F.Y.I. Linux ACL are set in the kernel (for x86_64 model) ... so adding the ACL tools (not provide but available in Entware APKG) you can have a better finest approach ... but rules stay the same.
So to be able to, perhaps, help you ... "orion" question is THE question.
Philippe.
Last edited by father.mande on Wed Apr 08, 2020 4:38 pm, edited 1 time in total.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
-
- Posts: 3
- Joined: Thu Apr 02, 2020 2:46 pm
Re: Read Only Requirement, No copy no download
it seems a bit contradictory
Find best vpn for you :https://www.topvpnguides.com/