Date: Tue, 31 Oct 2000 00:07:55 -0800
From: Alfred Perlstein
To: groggy@iname.com
Cc: freebsd-questions
Subject: Re: no respect for W perms?
Message-ID: <20001031000755.N22110@fw.wintelcom.net>
References: <200010310629.VAA82567@groggy.anc.ptialaska.net>
In-Reply-To: <200010310629.VAA82567@groggy.anc.ptialaska.net>; from groggy@iname.com on Mon, Oct 30, 2000 at 09:29:25PM -0900

* groggy@iname.com [001030 22:30] wrote:
> i just was writing a C program using
> fopen and fgetc and fputc and rename.
>
> with a file with perms such as:
>
> => rw r r root user FILENAME
>
> "user" could read FILENAME (of course)
> and then write it to a temp file, and
> then rename() it to FILENAME thereby
> defeating the fact "user" had no
> write permission. and no, it
> is not a suid program.
>
> is something wrong? 3.5.1-RELEASE.

Yes, you need a better understanding of directory permissions,
most likely "user" has write access to the directory containing
FILENAME via user or group permissions (hence the capability to
create files) and therefore can delete.

If you want a directory where "user" can't do that then you
want to enable the sticky bit on the directory.

-- 
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."
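
The rule described in the reply above, written out as an audit check. This is an added example, not code from the thread: `can_replace_entry`, `has_access` and `STICKY` are names invented here, and the model is simplified (primary group only, no ACLs or file flags, symlinks followed by `stat()`).

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

#define STICKY 01000            /* value of S_ISVTX, the directory sticky bit */

/* Classic owner/group/other check: does uid/gid hold every rwx bit in `want`?
 * Simplified model: primary group only, no ACLs or file flags. */
static int has_access(mode_t mode, uid_t owner, gid_t group,
                      uid_t uid, gid_t gid, int want)
{
    int bits;
    if (uid == 0)
        return 1;                           /* root bypasses mode bits */
    if (uid == owner)
        bits = (mode >> 6) & 7;
    else if (gid == group)
        bits = (mode >> 3) & 7;
    else
        bits = mode & 7;
    return (bits & want) == want;
}

/* 1 if uid/gid may unlink FILE or rename() another file over it.
 * Note what is absent: the file's own permission bits are never consulted. */
int can_replace_entry(const struct stat *dir, const struct stat *file,
                      uid_t uid, gid_t gid)
{
    /* Changing a directory entry needs write (2) + search (1) on the directory. */
    if (!has_access(dir->st_mode, dir->st_uid, dir->st_gid, uid, gid, 2 | 1))
        return 0;
    if (uid == 0 || !(dir->st_mode & STICKY))
        return 1;
    /* Sticky directory: only the file's owner or the directory's owner. */
    return uid == file->st_uid || uid == dir->st_uid;
}

int main(int argc, char **argv)
{
    struct stat d, f;
    if (argc != 3 || stat(argv[1], &d) != 0 || stat(argv[2], &f) != 0) {
        fprintf(stderr, "usage: %s DIRECTORY FILE-IN-DIRECTORY\n", argv[0]);
        return 2;
    }
    printf("uid %ld %s replace %s\n", (long)getuid(),
           can_replace_entry(&d, &f, getuid(), getgid()) ? "CAN" : "cannot", argv[2]);
    return 0;
}
```

Run it as the unprivileged user against the directory and the root-owned file; `chmod +t DIRECTORY` sets the sticky bit that changes the answer.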