DSXchange

HI DataStage Users,

What is the impact of giving full permissions (777) on Project folder,

We have a odd requirement:

On a Production box, only one project needs to be given RW access on the project XXX. So I was thinking if I give 777 permissions to that project, what is the impact? Will that work for my requirement?

Appreciate your inputs...

NOTE: I searched with few keywords in the foram but could not get any related posts:)

Thanks,
Bala,

A recursive 2775 is what I give. I set the project GROUP ownership to dstage group. That way no tourists who do not have permissions in the datastage group can alter the project path content.

Security team in your company will flag a 777 path most likely.

Paul's suggestion to use the SGID bit is a good one, it also insures that all new files are owned by the dstage group, even if the creator doesn't have dstage as their primary group.

It can also be set with the "g+s" option of chmod:

$ ls -ld DevProject
drwxrwxr-x 7096 root dstage 4096 Aug 19 02:33 DevProject
$ chmod g+s DevProject
$ ls -ld DevProject
drwxrwsr-x 7096 root dstage 4096 Aug 19 02:33 DevProject

Don't forget the recursive part Andy.

for a pre-existing path... it's important.

We standardized on using 2770 permissions and also follow it with a chmod -R o-rx command on the directory that holds the DataStage project subdirectory and all the related subdirectories of our own making.