[K12OSN] Dropbox directory permissions
Burke Almquist
balmquist at mindfirestudios.com
Mon Mar 5 03:03:28 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Even better, just do the part where the teacher is a member of the
student's primary group, then they can look at anything in the
student's home dir. That helps them keep an eye on what the kids are
up to. Emailing the completed files to the teacher works well too,
assuming that both the students and teachers have email.
On Mar 4, 2007, at 8:59 PM, Petre Scheie wrote:
> It's not as convenient, but perhaps you could give each student her/
> his own directory within /home/inbox, with permissions set to 770,
> and put the teacher into each student's primary group so the
> teacher can get to the files. Give each student's directory the
> same name as the student's ID, e.g., bob's directory would be /home/
> inbox/bob. Modify your script so that is automatically uses the
> caller's ID to specify the path to the directory. This way, only
> the student and the teacher have access to that student's work. It
> would be harder to hunt through all the directories for the
> students' work, but you could write a script that parses through
> all those directories and moves any files found to one folder in
> the teacher's $HOME. Give the teacher an icon to call it with
> sudo, call it something like "Gather up handed in assignments".
>
> HTH
>
> Petre
>
> Robert Arkiletian wrote:
>> mkdir /home/inbox
>> chmod 1773 /home/inbox (Not readable by others and sticky bit
>> prevents overwriting)
>> But if a clever kid happens to know the filename of another kid
>> cp /home/inbox/filename ~
>> unfortunately works. Not good.
>> ==============================
>> My solution:
>> Write a 1 line bashscript /usr/bin/handin
>> cp -p $1 /home/inbox/
>> chgrp teacher /usr/bin/handin
>> chmod 2755 /usr/bin/handin (setgid escalate priviliges to
>> teacher group)
>> now
>> chgrp teacher /home/inbox
>> chmod 1770 /home/inbox
>> To hand-in a test students go
>> handin filename
>> But it does not work. I get
>> cp: cannot stat `/home/inbox/filename': Permission denied
>> Why? Apparently, setgid cannot change the group of the process to one
>> which you don't already belong to. So I have to add the teacher group
>> to all students, which defeats the purpose. So much for privilege
>> escalation of setgid. I even tried using setuid.
>> [root at server ~]# ls -ld /home/inbox/
>> drwxrwx--T 2 root root 4096 Mar 4 16:02 /home/inbox/
>> [root at server ~]# ls -l /usr/bin/handin
>> -rwsr-xr-x 1 root root 79 Mar 3 14:40 /usr/bin/handin
>> I get the same stat Permission denied error. Any suggestions?
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iEYEARECAAYFAkXriIAACgkQfqZR3ThMfXTegACeNTXJKf5wqKLfFroE+2qh6M9s
TjIAnjE3ke70/afGgyvmowB+OCU4IRcZ
=YRor
-----END PGP SIGNATURE-----
More information about the K12OSN
mailing list