[Techtalk] Protecting spouse, kids from each other and limiting access

Fri Sep 27 15:53:37 EST 2002

Hi!

I have a problem I'm trying to resolve and have not been able to fix the
issue.

I have basically 4 levels of users, including root, that have different
requirements. I can adduser, addgroup, but the DETAILS of how to limit
access and all is missing. man pages, FAQ's, books on sysadmin basically
say it can be done, but the details are for a single need (all users are
the same and there isn't a need for anything else but root). 

My situation:

1) kids: need access to /home/username only; can't view anybody else's
directories, do NOT have access to ppp/chat, are blocked from certain
directories/devices. These are my munchkins ages 6 and 8. Internet
access supervised. I plan on kde for their desktop.

2) users: need access to /home/username, can view each other's
directories, CAN ppp/chat, run most software. I plan on kde for their
desktop. This is my spouse and teens who need to surf, play games, do
homework et al. Access blocked from certain directories/devices.

3) poweruser: basically me. Access to all directories/devices, including
those blocked to everyone else. Essentially "root" in safe mode. All
window managers available.

4) root: "god mode". Totally unsafe, dangerous. Can do anything to any
user, any file, device, directory. Total access capability.

Exactly HOW DO YOU set multiple users access to a directory, and block
others? I understand it is done by setting groups, hence kids, users,
poweruser, root. But how do you set poweruser and root to have access to
/hdd6 and no other group? How do you keep kids locked into
/home/username and unable to wander anywhere else? 

/etc/groups shows things like: users::100:lesa,aurora,tab. So, where do
the limitations come in? How do I set them?

I am a physicist, using Linux for my workstation since about Nov/Dec
1992. My wife and kids have watched me do things on the internet that
they can't do with windows. I'm trying to ween them off of windows and
on to Linux. This issue is the main one keeping me from starting them
onto linux (my wife is worried she might damage my files or mess up my
computer). I have work and software they don't need and don't need to
see at all, so access is blocked. I am running Slackware 7.1 and
debugging Slackware 8.1 on a seperate SCSI drive before switching over. 

I have linux loaded on their machines, but they only use windows95 at
the moment. As soon as I can get this done on my machine, I'll do the
same to theirs and start teaching them Linux. I succeeded in getting
them onto windows, I know we can transition into linux!

Alvin