vsftpd: users can delete files they don't possess

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, 2006-05-16 at 18:57 +0200, Kai Schaetzl wrote:
> Andy Green wrote on Tue, 16 May 2006 16:59:18 +0100:
> 
> > This sounds like a Unix feature, not a bug.  If the user has write 
> > rights to the directory, he can delete anything in the directory no 
> > matter who owns the file.
> 
> Oh, well, now that you say it I remember that remotely from "Unix school". 
> I'd completely phased that out.
> 
> Is there a way to achieve different behavior without using acl extensions? 
> My objective is that I want users *not* to be able to delete certain 
> files/directories in their home directories. It seems I can achieve this 
> partly by putting files in a directory they don't own. They then cannot 
> delete the files in the directory and therefore cannot delete the 
> directory. As soon as the directory is empty they can delete it.
> 

Have you reviewed the chmod command? There is a bit that can be set that
says that files can only be deleted by those who own them. Shows up with
a "t" in certain positions. Just like with /tmp.

> Kai
> <snip sig stuff>

HTH
-- 
Bill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.centos.org/pipermail/centos/attachments/20060516/fb35daf3/attachment.bin

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux