• Next message: Ron Watkins: "Help, I can't get 99pl4 to work correctly. (compiler and efs)"
• Previous message: Hendrik G. Seliger: "Re: Has anyone been able to use lpr as non-root"
• Maybe in reply to: Duperval Laurent: "Security problem: SLS/99.4/extfs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

From: hank@Blimp (Hendrik G. Seliger)
Subject: Re: Security problem: SLS/99.4/extfs
Date: Fri, 12 Feb 1993 07:01:53 GMT

duperval@ERE.UMontreal.CA (Duperval Laurent) writes:

: Whenever a directory has 777 permision on it, anyone can remove any file in
: that directory. I know this is not proper behavior. Does anyone know the
: cure for it?

Well, I'm sorry, but this definitely IS proper behavior! The rights as
given to the file owner just relate to the contents of the file. So if
you have write permissions for a file, you can change the contents, you
can even cut the file to zero length, but you can't delete it. To be able
to delete a file you need (and you ONLY need) write permissions to the
directory in which the file resides. So, with 777-perm bits, everybody
has write permissions for that directory and thus everybody can delete
files in taht directory, even if they're not his own. You have to get
used to this scheme, but it is proper.

Hank.

• Next message: Ron Watkins: "Help, I can't get 99pl4 to work correctly. (compiler and efs)"
• Previous message: Hendrik G. Seliger: "Re: Has anyone been able to use lpr as non-root"
• Maybe in reply to: Duperval Laurent: "Security problem: SLS/99.4/extfs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]