[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Determining key permission bits
On Fri, Dec 20, 2013 at 9:08 AM, Jeffrey Goldberg <jeffrey@goldmark.org> wrote:
> On 2013-12-20, at 10:51 AM, Andy Lutomirski <luto@amacapital.net> wrote:
>
>> On Fri, Dec 20, 2013 at 8:43 AM, Jeffrey Goldberg <jeffrey@goldmark.org> wrote:
>>> On 2013-12-20, at 12:13 AM, Andy Lutomirski <luto@amacapital.net> wrote:
>>>
>>>> Is there any easy way to tell which permission bits a key file has?
>>>
>>> Perhaps I’ve misunderstood your question, but
>>>
>>> ls -l path/to/keyfile
>>
>> Whoops -- I didn't realize my question was ambiguous like that. I'm
>> asking about the read/write/delete/nuke bits.
>
> Ah. You mean how to find out what a particular key is authorized to do. (I got misled by the word “file” in your question.)
>
> Anyway, I don’t know. I wasn’t aware until just now that keys could be set up with limited authority.
>
This is one of my favorite features of tarsnap. If anyone compromises
my backed-up-to-tarsnap box, they can add new corrupt archives, but
they can't delete the old ones.
>
> (Please also understand that my jumping to the conclusion that you didn’t know about basic Unix file permissions was no insult. I do some customer support work, and so tend to assume the least knowledge of people asking questions.)
No worries. You'll have to work a lot harder if you want to insult me :)
>
> Cheers,
>
> -j
--
Andy Lutomirski
AMA Capital Management, LLC