amd64/154112: user can delete file witch owned by root:wheel
Gary Palmer
gpalmer at freebsd.org
Tue Jan 18 21:11:04 UTC 2011
On Tue, Jan 18, 2011 at 08:10:10PM +0000, Ihor R wrote:
> The following reply was made to PR amd64/154112; it has been noted by GNATS.
>
> From: Ihor R <kaba at goodnet.com.ua>
> To: <bug-followup at FreeBSD.org>, <kaba at goodnet.com.ua>
> Cc:
> Subject: Re: amd64/154112: user can delete file witch owned by root:wheel
> Date: Tue, 18 Jan 2011 21:27:23 +0200
>
> On Tue, 18 Jan 2011 16:22:53 GMT, kib at FreeBSD.org wrote:
> > User home directory is owned by user, right ?
> > The system works as intended, read about unix file permission model.
>
> The user's home directory is owned by the user, but I quite don't understand
> how I can provide a hosting service for my users if any user can
> delete any file in his home directory. For example:
>
> if I want to block some resource, like a site, by adding "deny from all"
> to .htaccess and changing the owner of this file to root:wheel. The user cannot
> change this file (rewrite it) but he can delete this file any time he wishes
> - and the site will go on working and can take some steps to damage the
> server.
>
> Can you please explain to me how I can get back to Unix where users can't
> delete files which they do not own? What steps do I need to take to solve the current
> problem?
> I need users to be unable to change or delete files that they do not own,
> wherever they (the files) are placed.
man 8 sticky
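
The rule under discussion, as an added example that is not part of the original thread: a simplified Python model of the traditional UNIX unlink check, including the sticky-directory rule from sticky(8). The `Node` tuple, the function names and the uids and modes in the comments are constructed for illustration; ACLs, file flags and MAC policies are ignored.

```python
import os
import stat
from collections import namedtuple

# The three os.stat() fields the check needs (constructed helper type).
Node = namedtuple("Node", "uid gid mode")

def node_from_path(path):
    """Build a Node from a real file or directory."""
    st = os.lstat(path)
    return Node(st.st_uid, st.st_gid, st.st_mode)

def dir_writable(d, uid, gids=()):
    """Owner/group/other check for write + search permission on a directory."""
    if uid == 0:
        return True
    if uid == d.uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    elif d.gid in gids:
        need = stat.S_IWGRP | stat.S_IXGRP
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    return (d.mode & need) == need

def may_unlink(d, f, uid, gids=()):
    """Can `uid` remove file `f` from directory `d`?

    The file's own mode is never consulted: removing a name is a write to
    the directory. The file's owner matters only in a sticky directory.
    """
    if uid == 0:
        return True
    if not dir_writable(d, uid, gids):
        return False
    if d.mode & stat.S_ISVTX:
        # sticky(8): only the file owner or the directory owner may remove
        return uid in (f.uid, d.uid)
    return True

# Constructed cases: uid 1001 is the hosting user, uid 0 is root.
# Node(1001, 1001, 0o40755)  user-owned home, no sticky bit
# Node(1001, 1001, 0o41755)  user-owned home, sticky bit set
# Node(0, 0, 0o41777)        root-owned, world-writable, sticky (like /tmp)
# Node(0, 0, 0o40755)        root-owned, not writable by the user
```

In this model the sticky bit changes the outcome only when the caller owns neither the directory nor the file, so a root-owned file is protected from the user only inside a directory the user does not own.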