Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 Oct 2010 23:20:09 +0200
From:      Harald Schmalzbauer <h.schmalzbauer@omnilan.de>
To:        freebsd-stable@freebsd.org
Subject:   POSIX file permission (understanding) problem?
Message-ID:  <4CC5F489.50403@omnilan.de>
next in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
Hello,

am I complete stupid or is there a serious problem with 8.1-RELEASE:
I can write files which I have no write access to, if I have write
access to the directory of the file.

How to reproduce (tested with UFS2):

mkdir /tmp/testdir
touch /tmp/testdir/testfile
chown -R nobody:intern /tmp/testdir
chmod 751 /tmp/testdir
chmod 640 /tmp/testdir/testfile
ls -ld /tmp/testdir
drwxr-x--x  2 nobody  intern  512 25 Okt 23:03 /tmp/testdir
ls -l /tmp/testdir
total 0
-rw-r-----  1 nobody  intern  0 25 Okt 23:03 testfile
exit
id
uid=9001(harry) gid=9001(harry)
groups=9001(harry),0(wheel),5(operator),68(dialer),919(vboxusers),5090(intern)....

	-> Fine so far, editing testfile doesn't work

chmod g+w testdir/ (as superuser, exit again)
ls -ld testdir
drwxrwx--x  2 nobody  intern  512 25 Okt 23:03 testdir
ls -l testdir
total 0
-rw-r-----  1 nobody  intern  0 25 Okt 23:03 testfile

	-> Now editing with vi (as user harry) changes the ownership of the
file and writing is successfull:
ls -l testdir/
total 2
-rw-r-----  1 harry  intern  5 25 Okt 23:10 testfile

This means file permission mode is irrelevant if the user has write
access to the directory of the file. I can hardly believe that this is
intentional. Why does a write lead to owbership changes?
How should I give users write access to directories but prohibit
deliting particular files? Do I have to use uunlnk flag?
Sorry for that basic question, but I must have been missing something in
the last 10 years...

Thanks in advance,

-Harry


[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (FreeBSD)

iEYEARECAAYFAkzF9IkACgkQLDqVQ9VXb8gAzQCcDVmfFX0G50Dy8T+KwU4RDKsy
KeUAn03wOT2AYa8Yf5oURoPtpbhUnRyk
=1vAf
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CC5F489.50403>