Of course, there is a way to let Steve give Michele the same permissions that he has when she’s running the summarize program. Steve types this:

   chmod u+s summarize

This means “Add the Set User ID capability for the user who owns the file to summarize.” Now his permissions look like this:

-rw-------  steve  sales  customers.dat
-rwsr-xr-x  steve  sales  summarize

Now let’s see what happens when Michele runs the program:

EventLinux says
Michele types /home/steve/summarize You are user michele of group mktg.
You are “other”.
You want to execute file /home/steve/summarize.
Permission granted.
Program begins. Set User ID is in effect.
Alakabaud! ® I have changed your user ID.
You are now user steve for as long as this program runs.
Program asks to read file /home/steve/customers.dat You are user steve.
You want to read file /home/steve/customers.dat.
Permission granted.

The problem is now solved! Steve can let Michele run his program. His program temporarily changes Michele’s user ID to Steve’s so that the customer file becomes readable. If Michele tries to get to the customer file from any other program, the permissions will keep her out.

You may also use a construction like this to give the group’s permissions to anyone who runs the program.

   chmod g+s summarize

Note: Alakabaud! is a registered trademark of Vadic, the Modem Magician.
<< A New Problem Index Quick Reference Summary >>