
Re: can touch(1) readonly files



Wouter Verhelst <wouter@grep.be> wrote:
> You can only do that if you have write permissions to the directory the
> file is in; if not:
>
> wouter@rock:/usr$ touch -d 'next year' doc; ls -ld doc .
> touch: setting times of `doc': Operation not permitted
> drwxr-xr-x   16 root     root          472 Apr 28 03:21 .
> drwxr-xr-x    2 root     root         7568 May 13 02:42 doc

Wrong.  The error here comes from the fact that, just as described in
the documentation, you don't own the file.  If I can't write to the
directory, but I own the file, I can still make the change:

$ mkdir foo
$ cd foo
$ touch file
$ chmod a-w . file
$ touch -d 'next year' file
$ ll -d . file
dr-xr-xr-x    2 prj      default        72 May 13 11:22 .
-r--r--r--    1 prj      default         0 May 13  2004 file

> This is because those timestamps are saved in the directory inode
> instead of in the file inode, so closing down permissions on the file
> won't prevent anyone from tampering with timestamps.

No, the file's metadata is stored in its own inode.  But its
permission bits affect access only to its data, not to its metadata.
Metadata is always writable by the owner - otherwise you wouldn't be
able to restore your own write access after removing it.


paul
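
An added example, not part of the original message: it repeats the owner case above with an explicit backdated timestamp and also reads the inode change time (ctime), which the kernel sets itself whenever the inode is modified and which therefore still records that the timestamps were touched. It assumes GNU coreutils (touch -d, stat -c); the function names are made up for this illustration.

```shell
#!/bin/sh
# Added illustration. Assumes GNU coreutils (touch -d, stat -c).

# demo_owner_utime: as the file's owner, set an explicit mtime on a
# read-only file inside a read-only directory.
# Prints: "<touch exit status> <mtime epoch> <ctime epoch>"
demo_owner_utime() {
    dir=$(mktemp -d) || return 1
    file="$dir/file"
    : > "$file"
    chmod a-w "$dir" "$file"      # no write bit on directory or file

    # Setting an explicit time needs ownership (or privilege),
    # not write permission on the file or its directory.
    touch -d '2001-01-01 00:00:00 UTC' "$file"
    rc=$?

    mtime=$(stat -c %Y "$file")   # last-modified time, settable by the owner
    ctime=$(stat -c %Z "$file")   # inode change time, set by the kernel

    chmod u+w "$dir"              # owner restores write access to clean up
    rm -rf "$dir"
    echo "$rc $mtime $ctime"
}

# inode_changed_after_mtime MTIME CTIME: true when the inode was changed
# later than the file's claimed modification time. A plain chmod or rename
# has the same effect, so this is a hint to look closer, not proof.
inode_changed_after_mtime() {
    [ "$1" -lt "$2" ]
}

# Run the demonstration and report what was observed.
set -- $(demo_owner_utime)
echo "touch exit=$1 mtime=$2 ctime=$3"
if inode_changed_after_mtime "$2" "$3"; then
    echo "mtime is older than ctime: the inode was changed after the claimed mtime"
fi
```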


