Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!nrl-cmf!ukma!xanth!mcnc!ece-csc!ncrcae!ncrlnk!uunet!mcvax!hp4nl!philmds!leo
From: leo@philmds.UUCP (Leo de Wit)
Newsgroups: comp.unix.questions
Subject: Re: File Write Permission Rules
Keywords: file write permission rules
Message-ID: <950@philmds.UUCP>
Date: 12 Feb 89 12:38:36 GMT
References: <306@wubios.wustl.edu> <249@ibd.BRL.MIL> <1995@lindy.Stanford.EDU> <632@uva.UUCP>
Reply-To: leo@philmds.UUCP (Leo de Wit)
Organization: Philips I&E DTS Eindhoven
Lines: 24

In article <632@uva.UUCP> dik@uva.UUCP (Casper H.S. Dik) writes:
|If you have 4.3BSD, SunOS 4.x etc the solution is even more obvious:
|Set the sticky bit on your directory. This prevents people other than
|the owner of the file or the owner of the directory in which the link
|resides to unlink or rename the link.

A pity (is it really?) that ordinary users are not allowed to set
'sticky mode', this makes it hard to use by anyone but root. I fail to
understand what the possibility of unlinking has to do with sticky bits
(but then, you can fill me in); I thought that a sticky bit keeps a
file on the swap disk, once it is loaded.

If a user can put a file in a directory (write the directory file) he
can also remove ANY file in that directory (he can write the directory
file, so delete any links in that file). The only exception I can think
of, are non-empty subdirectories of the directory. And that is the way
I put stuff in /tmp that should not be removed by others:

    $ cd /tmp
    $ mkdir leo
    $ chmod 700 leo
    $ >leo/.guard

        Leo.
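
The removal rules discussed in this thread, as an added example that is not part of the original post: a small audit that decides from mode bits alone whether a non-owner could remove an entry, run over a constructed scratch directory that reproduces the guard-directory layout. The function names and the scratch layout are hypothetical; the check treats group and other write bits alike and ignores ACLs and root.

```sh
# Added example: judges removability from mode bits only (no ACLs, no root).

# True if the group or other write bit is set on $1.
writable_by_others() {
    [ -n "$(find "$1" -maxdepth 0 \( -perm -0020 -o -perm -0002 \) 2>/dev/null)" ]
}

# True if the sticky bit is set on $1.
has_sticky() {
    [ -n "$(find "$1" -maxdepth 0 -perm -1000 2>/dev/null)" ]
}

# Exit status 0 if a user who is not the owner could remove entry $1.
others_can_remove() {
    entry=$1
    parent=$(dirname "$entry")
    writable_by_others "$parent" || return 1  # cannot write the directory file
    has_sticky "$parent" && return 1          # only file or directory owner may unlink
    if [ -d "$entry" ] && [ ! -L "$entry" ] &&
       [ -n "$(ls -A "$entry" 2>/dev/null)" ]; then
        # Non-empty subdirectory: rmdir fails until it has been emptied,
        # and emptying it needs write permission on the subdirectory.
        writable_by_others "$entry" || return 1
    fi
    return 0
}

# Constructed scratch layout standing in for /tmp, including the guard directory.
make_scratch() {
    base=$(mktemp -d) || return 1
    mkdir "$base/tmp" || return 1
    chmod 777 "$base/tmp"
    : > "$base/tmp/plainfile"
    mkdir "$base/tmp/empty" "$base/tmp/leo"
    chmod 700 "$base/tmp/empty" "$base/tmp/leo"
    : > "$base/tmp/leo/.guard"
    echo "$base/tmp"
}

# Print one verdict per entry of directory $1.
report() {
    for e in "$1"/*; do
        if others_can_remove "$e"; then echo "removable: $e"
        else echo "protected: $e"; fi
    done
}

scratch=$(make_scratch) && report "$scratch"
```

In the scratch layout the mode-700 directory without a guard file is reported as removable, while the one holding `.guard` is not; setting mode 1777 on the parent protects every entry.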