LC Hotline: 2-4531

From offsite: (925) 422-4531

 

Hours

Monday–Friday
8am–12pm, 1–4:45pm
B453 R1103 | Q-clearance area

 

Technical Bulletin #471: UNIX World Permissions on LC File Systems

UPDATE: DEPRECATED—This tech bulletin is superseded by TB#524

It is Livermore Computing (LC) policy that user directories may not have world read, write, or execute permissions set to allow all users the ability to view, modify, or execute files contained in them. To enforce this policy, LC will monitor the permissions on top-level directories in the following file systems:

CZ Only RZ Only RZ and CZ
/g/g*
/nfs/*
/usr/djehuty
/usr/gapps
/usr/gdata
/usr/mic/*

/g/g*
/nfs/*
/p/*
/usr/dnta
/usr/dvsprod
/usr/gapps
/usr/gdata
/usr/mic/*

/collab/usr/gapps
/collab/usr/gdata
/p/*

If any top-level directories or files are found to have world read, write, or execute permissions set, the permissions will be reset to disallow world access unless a UNIX world permissions exemption has been granted for that directory.

A number of options are available to users for sharing data other than setting world permissions (e.g., using UNIX group permissions). Please contact the LC Hotline if you wish to discuss these options. The UNIX world permissions exemption may be granted with Programmatic Associate Director approval on a case-by-case basis. UNIX world permissions can be requested by submitting the form available

.

 

The resetting of directory permissions began on Monday, October 17, 10:00 a.m.

PDF TB471 available for download and distribution.

LLNL-WEB-733249