Date: Tue, 18 Jan 2011 16:11:02 -0500 From: Gary Palmer <gpalmer@freebsd.org> To: Ihor R <kaba@goodnet.com.ua> Cc: freebsd-amd64@FreeBSD.org Subject: Re: amd64/154112: user can delete file witch owned by root:wheel Message-ID: <20110118211102.GB67092@in-addr.com> In-Reply-To: <201101182010.p0IKAA5u010462@freefall.freebsd.org> References: <201101182010.p0IKAA5u010462@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 18, 2011 at 08:10:10PM +0000, Ihor R wrote: > The following reply was made to PR amd64/154112; it has been noted by GNATS. > > From: Ihor R <kaba@goodnet.com.ua> > To: <bug-followup@FreeBSD.org>, <kaba@goodnet.com.ua> > Cc: > Subject: Re: amd64/154112: user can delete file witch owned by root:wheel > Date: Tue, 18 Jan 2011 21:27:23 +0200 > > On Tue, 18 Jan 2011 16:22:53 GMT, kib@FreeBSD.org wrote: > > User home directory is owned by user, right ? > > The system works as intended, read about unix file permission model. > > The home user directory is owned by user, but I quote don't understand > how I can provide hosting service for my users, if anybody user can > delete any files in his home directory. By example: > > if I want to block some resources, like site, by adding "deny from all" > to .htaccess and replace owner of this file to root:wheel. User can not > change this file (rewrite) but he can delete this file any time he wish > - and the site will go on to work and can make some steps to damage > server. > > Can you please explain me how can I get back to Unix where users can't > delete file which they not own. What steps I need to do to solve current > problem. > I need that users can't change or delete files, that users not own, > anyway it's (files) placed. man 8 sticky
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110118211102.GB67092>