From owner-freebsd-questions@FreeBSD.ORG Wed Aug 6 19:27:53 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF0A0106566B for ; Wed, 6 Aug 2008 19:27:53 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: from mx1.identry.com (on.identry.com [66.111.0.194]) by mx1.freebsd.org (Postfix) with ESMTP id 252B18FC19 for ; Wed, 6 Aug 2008 19:27:52 +0000 (UTC) (envelope-from jalmberg@identry.com) Received: (qmail 47504 invoked by uid 89); 6 Aug 2008 19:27:52 -0000 Received: from unknown (HELO ?192.168.1.110?) (jalmberg@75.127.142.66) by mx1.identry.com with ESMTPA; 6 Aug 2008 19:27:51 -0000 In-Reply-To: <4899DD4E.2080005@FreeBSD.org> References: <26259A11-0CE7-43FB-878C-1A989C1EB006@identry.com> <3A0AA7018522134597ED63B3B794C92A0284D829@STA-HQ-S001.starcomms.local> <3A0AA7018522134597ED63B3B794C92A028ECB61@STA-HQ-S001.starcomms.local> <8722E123-56D1-4CA0-8F57-DB0FB299EBD3@identry.com> <4899CEA9.6030209@FreeBSD.org> <578DE0D9-C68B-4D57-93E8-9D517166EA9D@identry.com> <4899DD4E.2080005@FreeBSD.org> Mime-Version: 1.0 (Apple Message framework v752.3) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: John Almberg Date: Wed, 6 Aug 2008 15:27:49 -0400 To: glarkin@FreeBSD.org X-Mailer: Apple Mail (2.752.3) Cc: freebsd-questions@freebsd.org Subject: Re: Controlling read access X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Aug 2008 19:27:53 -0000 > | Hi Greg, > | > | I tried your sequence, but it didn't seem to work. Or, perhaps it > worked > | and the PRIVSEP option doesn't do what I expect it to. Logging in > as a > | normal user gives that user root privileges. > | > | This seems pretty scary to me. Not so bad, since the user is > locked into > | his own directory, but enough power to hurt themselves, which is too > | much power, IMHO. My users aren't experts. I can definitely see them > | clicking the delete key by accident. > | > | Back to digging for info... > | > | Thanks: John > | > > Hi John, > > After logging into pure-ftpd, even if I type "cd /", I cannot break > out > of my home directory. Because of the way UNIX permissions work, if > root > ~ (or any other user) owns a file in my home directory, I can still > delete it. > If you want to prevent that, you'll have to also use the > chflags command to protect file that you don't want to be removed by > anyone. > Wow... I learn something new in this job every day, but usually not as new as that. This completely revises what I thought I knew about permissions. If you had asked me this morning if I could delete a file owned by root with permissions set to 400 from my own directory, I would have said absolutely not. How wrong I would have been... I guess I can do this because I own the directory that the foreign file is in, and I should have control over that directory... Yes... If I create a directory within my own home directory and change the ownership of that directory to root:nobody, then I cannot delete any file in that directory. Okay, this is starting to make sense. I guess I just never noticed this small detail of Unix file permissions. Very interesting! I skimmed through the chflags section of "Absolute FreeBSD" on my first read through... It rang a bell when you mentioned it, but I'd completely forgotten about it. I'm going to read it much more carefully this time :-) Anyway, thanks to everyone who has helped me out with my week-long struggle with 'simple' old FTP. "Challenge your assumptions." That's the lesson of *this* week! Brgds: John