From: Harald Schmalzbauer
Date: Mon, 25 Oct 2010 23:20:09 +0200
To: freebsd-stable@freebsd.org
Subject: POSIX file permission (understanding) problem?

Hello,

am I completely stupid or is there a serious problem with 8.1-RELEASE:
I can write files which I have no write access to, if I have write
access to the directory of the file.

How to reproduce (tested with UFS2):

mkdir /tmp/testdir
touch /tmp/testdir/testfile
chown -R nobody:intern /tmp/testdir
chmod 751 /tmp/testdir
chmod 640 /tmp/testdir/testfile
ls -ld /tmp/testdir
drwxr-x--x 2 nobody intern 512 25 Okt 23:03 /tmp/testdir
ls -l /tmp/testdir
total 0
-rw-r----- 1 nobody intern 0 25 Okt 23:03 testfile
exit
id
uid=9001(harry) gid=9001(harry) groups=9001(harry),0(wheel),5(operator),68(dialer),919(vboxusers),5090(intern)....

-> Fine so far, editing testfile doesn't work

chmod g+w testdir/ (as superuser, exit again)
ls -ld testdir
drwxrwx--x 2 nobody intern 512 25 Okt 23:03 testdir
ls -l testdir
total 0
-rw-r----- 1 nobody intern 0 25 Okt 23:03 testfile

-> Now editing with vi (as user harry) changes the ownership of the file
and writing is successful:

ls -l testdir/
total 2
-rw-r----- 1 harry intern 5 25 Okt 23:10 testfile

This means file permission mode is irrelevant if the user has write
access to the directory of the file.
I can hardly believe that this is intentional. Why does a write lead to
ownership changes?
How should I give users write access to directories but prohibit
deleting particular files? Do I have to use the uunlnk flag?

Sorry for that basic question, but I must have been missing something in
the last 10 years...

Thanks in advance,

-Harry
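
Added example, not part of the original message: a small model of the two separate POSIX checks involved in the listing above, where writing a file in place is decided by the file's mode while removing or renaming the entry is decided by the directory's mode (and its sticky bit). The modes, uid 9001 and gid 5090 come from the message; NOBODY_UID and the Node type are assumptions made for the example, and ACLs and file flags such as uunlnk are not modelled.

```python
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Node:
    mode: int  # permission bits including sticky, e.g. 0o771
    uid: int   # owner
    gid: int   # owning group


def class_bits(node, uid, groups):
    """Return the one rwx triplet that applies: owner, else group, else other."""
    if uid == node.uid:
        return (node.mode >> 6) & 7
    if node.gid in groups:
        return (node.mode >> 3) & 7
    return node.mode & 7


def can_write_in_place(f, uid, groups):
    """Opening an existing file for writing is checked against the file's mode."""
    return uid == 0 or bool(class_bits(f, uid, groups) & 2)


def can_replace(d, f, uid, groups):
    """unlink/rename are checked against the directory: write + search.
    In a sticky directory only the file owner, the directory owner or
    root may remove or rename the entry."""
    if uid == 0:
        return True
    if (class_bits(d, uid, groups) & 3) != 3:
        return False
    if d.mode & stat.S_ISVTX:
        return uid in (f.uid, d.uid)
    return True


NOBODY_UID = 65534                            # assumed uid for "nobody"
INTERN = 5090                                 # gid of "intern" per the id output
HARRY = (9001, {9001, 0, 5, 68, 919, 5090})   # uid and groups per the id output
testfile = Node(0o640, NOBODY_UID, INTERN)


def report(dir_mode):
    """(in-place write allowed, replace allowed) for harry on testfile."""
    d = Node(dir_mode, NOBODY_UID, INTERN)
    return (can_write_in_place(testfile, *HARRY), can_replace(d, testfile, *HARRY))


if __name__ == "__main__":
    for mode in (0o751, 0o771, 0o1771):       # before, after chmod g+w, with sticky
        print(oct(mode), report(mode))
```

A replaced file is a new file owned by whoever created it, which matches the owner shown in the last listing of the message.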