4.1 Controlled Sharing

What happens if Bob needs to share files with one or two other users but not with the rest of the suite?

Bob hired a clerk to do data entry for his new client, a big surveying company. The new clerk, Tina, has her own login on Bob’s computer (“tina”). However, the isolation policy blocks Bob and Tina from sharing files, unless Bob logs in as administrator and bypasses the access restrictions.

It is clear that we can create files and folders and establish access rights for them. We can share files with some people and hide them from others, simply by configuring the right permissions. In small cases we might get this correct through trial-and-error, but we might also leak data while implementing our solution. Instead, ...

Get Elementary Information Security, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.