Can I "force" a file to be updated only by a specifc script?

[jimlocigno]

Hi,
I have a feeling the answer to this question is no. But I thought I would ask just to be sure.

I have lookup file: so to speak "lookupfile.data" which contains various information. I also have a lookupfile_update.ksh script which is a Korn Shell script and allows add/change/delete operations via the command line:
Example: lookupfile_update.ksh add key1 info

Here's the question. Is there a way to set the security and or code the script to allow lookupfile_data to only be updated via the lookupfile_udpate.ksh script. In otherwords I do not want users directly editing lookupfile_data. Aside from the root user and similar higerlevel ids that I know could just overlay the file could (which is okay, because very users have that power anyway). Is there a way I could set this up. The one catch the lookupfile_data must be readable by everbody due to other processess that run.

Thanks

 

[columb]

You could use sudo so that
1)permissions for lookupfile.data are -rw-------
2) lookupfile.data i owned by root
3) sudo has an entry similar to

ALL ALL = lookupfile_update.ksh add key1 info

If you don't know sudo I strongly recommend you look into it. It's the best tool I know for controlling users actions with privieged data/processes.

Columb Healy

 

[PHV]

columb, I suggest this:
1)permissions for lookupfile.data are -rw-r--r--

Hope This Helps, PH.
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884 or FAQ222-2244

 

[jimlocigno]

Thanks. I have definitely heard of sudo. In fact our "Unix Adminstrator" uses it alot. I orginally asked him this question and he said there was no way to do it. I will have to bother him again.