amd64/154112: user can delete file witch owned by root:wheel
kaba at goodnet.com.ua
Tue Jan 18 20:10:11 UTC 2011
The following reply was made to PR amd64/154112; it has been noted by GNATS.
From: Ihor R <kaba at goodnet.com.ua>
To: <bug-followup at FreeBSD.org>, <kaba at goodnet.com.ua>
Subject: Re: amd64/154112: user can delete file witch owned by root:wheel
Date: Tue, 18 Jan 2011 21:27:23 +0200
On Tue, 18 Jan 2011 16:22:53 GMT, kib at FreeBSD.org wrote:
> User home directory is owned by user, right ?
> The system works as intended, read about unix file permission model.
The home user directory is owned by user, but I quote don't understand
how I can provide hosting service for my users, if anybody user can
delete any files in his home directory. By example:
if I want to block some resources, like site, by adding "deny from all"
to .htaccess and replace owner of this file to root:wheel. User can not
change this file (rewrite) but he can delete this file any time he wish
- and the site will go on to work and can make some steps to damage
Can you please explain me how can I get back to Unix where users can't
delete file which they not own. What steps I need to do to solve current
I need that users can't change or delete files, that users not own,
anyway it's (files) placed.
More information about the freebsd-amd64