Re: How to set access permissions to protect a database file?

[mick crane <mick.crane@gmail.com>]

On 2019-05-26 00:49, Markos wrote:
> Hi,
>
> I made a program (reading_room.tcl), with Sqlite running on Debian 9,
> to control the books of a reading room.
>
> I implemented an authentication system for common users and
> administrator users in the reading_room program.
>
> Now I want that any user logged in the Linux be able to run the
> program reading_room.tcl, which will access the database (books.db)
>
> But I want to protect the file books.db so that only the the program
> reading_room.tcl can access the books.db file. But that no user could
> delete or write to the file books.db (only the program
> reading_room.tcl)
>
> Please, how can I configure the system to do that?
>
> How to define the permissions?

I'll have a go, sure I'll get pulled up if off.

read 4, write 2, execute 1  add these together for permissions
owner, group, anybody

I never did anything on a PC with other people having access so I never 
made a file only executable by anybody but I don't see why not.
As you wrote reading_room.tcl presume that belongs to you.
I don't know anything about tcl as yet but assume it's executable as it 
is and does something.
You may have a group librarians that want to have read/write access to 
reading_room.tcl
Assume you have backups of the files.
guess books.db wants to be 644
"su -"
"chmod 644 books.db"
 or if the librarians want write access to it.
"chown you.librarians books.db"
"chmod 664 books.db"

"chown you.librarians reading_room.tcl"
"chmod 771 reading_room.tcl"

mick


--
Key ID    4BFEBB31