Date: Mon, 25 Oct 2010 23:20:09 +0200 From: Harald Schmalzbauer <h.schmalzbauer@omnilan.de> To: freebsd-stable@freebsd.org Subject: POSIX file permission (understanding) problem? Message-ID: <4CC5F489.50403@omnilan.de>
next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigCA339D8350768D81F6034DEE Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Hello, am I complete stupid or is there a serious problem with 8.1-RELEASE: I can write files which I have no write access to, if I have write access to the directory of the file. How to reproduce (tested with UFS2): mkdir /tmp/testdir touch /tmp/testdir/testfile chown -R nobody:intern /tmp/testdir chmod 751 /tmp/testdir chmod 640 /tmp/testdir/testfile ls -ld /tmp/testdir drwxr-x--x 2 nobody intern 512 25 Okt 23:03 /tmp/testdir ls -l /tmp/testdir total 0 -rw-r----- 1 nobody intern 0 25 Okt 23:03 testfile exit id uid=3D9001(harry) gid=3D9001(harry) groups=3D9001(harry),0(wheel),5(operator),68(dialer),919(vboxusers),5090(= intern).... -> Fine so far, editing testfile doesn't work chmod g+w testdir/ (as superuser, exit again) ls -ld testdir drwxrwx--x 2 nobody intern 512 25 Okt 23:03 testdir ls -l testdir total 0 -rw-r----- 1 nobody intern 0 25 Okt 23:03 testfile -> Now editing with vi (as user harry) changes the ownership of the file and writing is successfull: ls -l testdir/ total 2 -rw-r----- 1 harry intern 5 25 Okt 23:10 testfile This means file permission mode is irrelevant if the user has write access to the directory of the file. I can hardly believe that this is intentional. Why does a write lead to owbership changes? How should I give users write access to directories but prohibit deliting particular files? Do I have to use uunlnk flag? Sorry for that basic question, but I must have been missing something in the last 10 years... Thanks in advance, -Harry --------------enigCA339D8350768D81F6034DEE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iEYEARECAAYFAkzF9IkACgkQLDqVQ9VXb8gAzQCcDVmfFX0G50Dy8T+KwU4RDKsy KeUAn03wOT2AYa8Yf5oURoPtpbhUnRyk =1vAf -----END PGP SIGNATURE----- --------------enigCA339D8350768D81F6034DEE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CC5F489.50403>