UPDATE: DEPRECATED—This tech bulletin is superseded by TB#524
It is Livermore Computing (LC) policy that user directories may not have world read, write, or execute permissions set to allow all users the ability to view, modify, or execute files contained in them. To enforce this policy, LC will monitor the permissions on top-level directories in the following file systems:
CZ Only | RZ Only | RZ and CZ |
---|---|---|
/g/g* /nfs/* /usr/djehuty /usr/gapps /usr/gdata /usr/mic/* |
/g/g* |
/collab/usr/gapps /collab/usr/gdata /p/* |
If any top-level directories or files are found to have world read, write, or execute permissions set, the permissions will be reset to disallow world access unless a UNIX world permissions exemption has been granted for that directory.
A number of options are available to users for sharing data other than setting world permissions (e.g., using UNIX group permissions). Please contact the LC Hotline if you wish to discuss these options. The UNIX world permissions exemption may be granted with Programmatic Associate Director approval on a case-by-case basis. UNIX world permissions can be requested by submitting the form available
.
The resetting of directory permissions began on Monday, October 17, 10:00 a.m.
PDF TB471 available for download and distribution.