Joshua C. wrote:
2009/1/21 Steve Grubb <sgrubb@xxxxxxxxxx>:
On Wednesday 21 January 2009 05:19:39 pm nodata wrote:
Am Dienstag, den 20.01.2009, 06:44 -0500 schrieb Steve Grubb:
On Monday 19 January 2009 04:13:09 pm Manuel Wolfshant wrote:
actually after chattr +i not even root can modify / delete the file:
True. But you can chattr -i ./foo and then edit the file remembering to
make it immutable again when you are done editing it. Not as automatic as
one might like, but that's how to do it.
That would mean a race though. Better to fix directory permissions :)
The original question was about a file owned by root but readable by others. I
assume 0644 permissions. The root ownership still protects it.
-Steve
This makes part of it useless: If the owner is root but I still can
delete/modify the file (because if dir permissions) then the ownership
doesn't matter. The file was set to 444. The idea was to have a file
that cannot be deleted/modified but only read by everyone regardless
of the directory permissions. And the only suitable answer is to set
it +i.
Or make the directory sticky if you must give untrusted users write
access to it and do not want them to be able to unlink or rename one
another's files?
Bryn.
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
