[vox-tech] samba permissions issue
vox-tech@lists.lugod.org
vox-tech@lists.lugod.org
Thu, 20 Feb 2003 02:21:15 -0500
On Wed, Feb 19, 2003 at 07:36:51PM -0800, Jeff Newmiller wrote:
> On Wed, 19 Feb 2003, Ryan wrote:
> > I have a public upload directory set up with permissions 775, where I
> > want want people in my 'users' group to be able to upload files.
> >
> > Files that are uploaded are given permissions 755.
> > network neighborhood (winbloze), non-owners of a file that are logged in
> > over the network, but still belonging to the 'users' group, can
> > delete any of the files in the directory. I don't know why this is.
>
> Permission to delete files derives from the write permissions on the
> directory from which the file is to be deleted. The set of people
> authorized to create files in a directory is equal to the set of people
> authorized to delete or rename files in that directory.
Jeff is correct, with a minor modification. If the directory low special
bit (aka sticky bit) is set only owners of the file may delete the file.
1xxx. like 1775 or 1777.
this is how the /tmp dir is setup... you should try this and see if the
windows users still have permission to nuke files.
from chmod (1) man page.
===
STICKY DIRECTORIES
When the sticky bit is set on a directory, files in that
directory may only be unlinked or renamed by root or their
owner. (Without the sticky bit, anyone able to write to
the directory can delete or rename files.) The sticky bit
is commonly found on directories, such as /tmp, which are
world-writable.
===