Date: Tue, 26 Nov 2002 16:08:37 -0500 (EST) From: Jerry McAllister <jerrymc@clunix.cl.msu.edu> To: peter@skyrunner.net (Peter Brezny) Cc: jerrymc@msu.edu (Jerry McAllister), questions@freebsd.org Subject: Re: allow write to directory but not modify the dir itself possible? Message-ID: <200211262108.gAQL8d419182@clunix.cl.msu.edu> In-Reply-To: <NEBBIGLHNDFEJMMIEGOOOECJFEAA.peter@skyrunner.net> from "Peter Brezny" at Nov 26, 2002 03:52:34 PM
next in thread | previous in thread | raw e-mail | index | archive | help
> > Thanks again Jerry, > > I really need something that will allow users to do everything within a > directory but not be able to do anything to the directory itself (like > remove it or rename it)... > > They've got to be able to put files in the directory and take others out of > it etc... > > Any ideas there? Well, you could chroot(8) them to that directory. That would make it their root (eg /) and they wouldn't be able to do anything to the directory per se. It would be their home directory while they were logged (or ftp-d) in. They could even add directories under it, etc. If you chroot them, you have to set up appropriate copies of binaries (/bin /sbin/ usr/bin /usr/sbin, etc) that they will need to use while logged in. Another thing to consider is jail(8) which is sort of more intense along the same line. It really depends on what else the users will need to do while logged in. ////jerry > > > Peter Brezny > Skyrunner.net > > > -----Original Message----- > From: Jerry McAllister [mailto:jerrymc@clunix.cl.msu.edu] > Sent: Tuesday, November 26, 2002 3:43 PM > To: Peter Brezny > Cc: Jerry McAllister > Subject: Re: allow write to directory but not modify the dir itself > possible? > > > > > > Thanks Jerry, > > > > I'll give this another try. I think i already tried to do this, but since > > there wern't already files in the directory... > > The think that usually gets missed is leaving x execute permission > on the directory. Without that it won't let you at files in > the directory regardless of their permissions. > > Without write permission on the directory, users won't be able > to create files in the directory - just rewrie in place existing files. > > Anyway, I think that is the way I remember doing it. > > Using the sticky bit can also make it so users can only modify their > own files within a directory. But, that still lets them modify the > directory by creating new files and deleting files. > > ////jerry > > > > > I'll do some experimenting again. > > > > > > Peter Brezny > > Skyrunner.net > > > > > > -----Original Message----- > > From: Jerry McAllister [mailto:jerrymc@clunix.cl.msu.edu] > > Sent: Tuesday, November 26, 2002 2:09 PM > > To: Peter Brezny > > Cc: freebsd-questions@FreeBSD.ORG > > Subject: Re: allow write to directory but not modify the dir itself > > possible? > > > > > > > > > > Hi Everyone, > > > > > > Is it possible to allow a user write permissions inside a particular > > > directory, but not allow them to modify the directory itself? > > > > Yes. > > > > > > > > Thanks, > > > Peter Brezny > > > Skyrunner.net > > > > Just take away write permissions on the directory, but leave it > > on the file[s] in the directory. You have to leave x permission > > on the directory, but not necessarily r permission. > > > > ////jerry > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200211262108.gAQL8d419182>