amd64/154112: user can delete file witch owned by root:wheel

Gary Palmer gpalmer at
Tue Jan 18 21:11:04 UTC 2011

On Tue, Jan 18, 2011 at 08:10:10PM +0000, Ihor R wrote:
> The following reply was made to PR amd64/154112; it has been noted by GNATS.
> From: Ihor R <kaba at>
> To: <bug-followup at>, <kaba at>
> Cc:  
> Subject: Re: amd64/154112: user can delete file witch owned by root:wheel
> Date: Tue, 18 Jan 2011 21:27:23 +0200
>   On Tue, 18 Jan 2011 16:22:53 GMT, kib at wrote:
>  > User home directory is owned by user, right ?
>  > The system works as intended, read about unix file permission model.
>   The home user directory is owned by user, but I quote don't understand 
>   how I can provide hosting service for my users, if anybody user can 
>   delete any files in his home directory. By example:
>   if I want to block some resources, like site, by adding "deny from all" 
>   to .htaccess and replace owner of this file to root:wheel. User can not 
>   change this file (rewrite) but he can delete this file any time he wish 
>   - and the site will go on to work and can make some steps to damage 
>   server.
>   Can you please explain me how can I get back to Unix where users can't 
>   delete file which they not own. What steps I need to do to solve current 
>   problem.
>   I need that users can't change or delete files, that users not own, 
>   anyway it's (files) placed.

man 8 sticky

More information about the freebsd-amd64 mailing list