amd64/154112: user can delete file witch owned by root:wheel

Steve Kargl sgk at
Tue Jan 18 20:10:37 UTC 2011

On Tue, Jan 18, 2011 at 09:11:05PM +0200, Ihor R wrote:
> On Tue, 18 Jan 2011 16:22:53 GMT, kib at wrote:
> >User home directory is owned by user, right ?
> >The system works as intended, read about unix file permission model.
> The home user directory is owned by user, but I quote don't understand 
> how I can provide hosting service for my users, if anybody user can 
> delete any files in his home directory. By example:

man chflags

su root
cd /usr/home/kargl
touch zxc.txt
chown root:wheel zxc.txt
chflags schg /usr/home/kargl/zxc.txt

su kargl
troutmask:kargl[201] rm zxc.txt
override rw-r--r--  root/wheel schg for zxc.txt? y
rm: zxc.txt: Operation not permitted


More information about the freebsd-amd64 mailing list