Date: Wed, 14 May 1997 15:00:07 -0700
From: Julian Elischer <julian@whistle.com>
To: hackers@freebsd.org
Subject: RFC.. Proposal.. file flag No-delete
Message-ID: <337A35E7.5656AEC7@whistle.com>

Here is the situation..

A skeleton of directories and files which must not be removed except by root, intermixed with files that should be able to be added and removed by users of a particular group.

(M) = directory
[N] = file

(A)----(B)----[C]
 |
 \-(D)

We want non-root members of group 'x' to be able to add files or directories to directories A, B or D, and delete them again; however, they must not be able to delete A, B, C, or D.

Non-members of group 'x' must only be able to write into D in the case where D is owned by them. (D represents several directories with different owners (e.g. home directories).)

This seems to be an easy problem, but it turns out that it is not immediately solvable using standard semantics.

I would like to suggest one of two changes.

1/ I cannot see a definition of the SUID bit in directories.. possibly extending this to mean "Directory not deletable except by owner (or root)" might allow me to get 99% of what I need.

2/ Alternatively, adding a flag "nodelete". noschg is too severe as I want the group 'x' members to be able to add and delete entries to these directories, and "append-only" doesn't work because I want them to be able to delete any files they added.

I would imagine the "nodelete" flag affecting only the unlink(), rmdir() and rename() calls.

Basically I need to be able to set up a skeleton that cannot be altered or removed, but can be added to by non-root users.

Comments? Fruit? Would it be of general use? Does it break the P.O.L.A? As an extension, does it break POSIX or anything?

julian
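
An added illustration, not part of the message above and not FreeBSD kernel code: a user-space C model of the delete check behind unlink(), rmdir() and rename(), with the proposed "nodelete" flag layered on the classic permission and sticky-bit rules. The flag value, struct layouts, uids/gids and the root exemption (read from "except by root") are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Illustrative model only. NODELETE stands for the flag proposed in the
 * message; its value here is made up. */
#define NODELETE 0x1u
#define STICKY   01000u

struct node { unsigned uid, gid, mode, flags; };
struct cred { unsigned uid, gid; };          /* one group per user, for brevity */

/* Write and search permission on directory d, classic owner/group/other. */
static bool dir_wx(const struct node *d, const struct cred *c)
{
    unsigned bits = c->uid == d->uid ? d->mode >> 6
                  : c->gid == d->gid ? d->mode >> 3 : d->mode;
    return (bits & 3u) == 3u;
}

/* May c remove entry e from parent p (the unlink/rmdir/rename check)? */
bool may_delete(const struct node *p, const struct node *e, const struct cred *c)
{
    if (c->uid == 0) return true;               /* assumed: root is exempt */
    if (e->flags & NODELETE) return false;      /* proposed: entry is pinned */
    if (!dir_wx(p, c)) return false;            /* standard: need wx on parent */
    if ((p->mode & STICKY) && c->uid != e->uid && c->uid != p->uid)
        return false;                           /* sticky: entry or dir owner only */
    return true;
}

/* Constructed sample data: group 'x' is gid 100. */
const struct cred root = {0, 0}, alice = {1001, 100}, bob = {1002, 100}, carol = {1003, 200};
const struct node A        = {0, 100, 0775, NODELETE};  /* skeleton directory */
const struct node B        = {0, 100, 0775, NODELETE};  /* skeleton directory in A */
const struct node B_bare   = {0, 100, 0775, 0};         /* B without the flag */
const struct node C        = {0, 100, 0664, NODELETE};  /* skeleton file in B */
const struct node f        = {1002, 100, 0644, 0};      /* file bob added to B */
const struct node A_sticky = {0, 100, 01775, 0};        /* A with sticky bit, no flag */
const struct node D_bare   = {1001, 100, 0755, 0};      /* alice's D, no flag */

int main(void)
{
    printf("bob removes B, no flag:    %d\n", may_delete(&A, &B_bare, &bob));
    printf("bob removes B, flagged:    %d\n", may_delete(&A, &B, &bob));
    printf("bob removes his own file:  %d\n", may_delete(&B, &f, &bob));
    printf("bob removes C, flagged:    %d\n", may_delete(&B, &C, &bob));
    printf("alice removes D, sticky A: %d\n", may_delete(&A_sticky, &D_bare, &alice));
    return 0;
}
```

In this model a group-writable parent lets any member remove the unflagged skeleton entry, and a sticky parent still lets the owner of D remove D, while the flagged entries stay in place for everyone but root.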