[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: File permission confusion [Debian 9.1 with MATE]

On 01/01/2018 06:01 AM, Thomas Schmitt wrote:

Richard Owlett wrote:
As user "richard" I was able to delete them with Caja.

To prevent renaming or deletion of a file, you need to prevent writing
to the directory which hosts it. (Actually you delete the "dirent", which
points to the inode. The inode gets deleted when its last dirent is gone
and no filedescriptor is open on it any more.)

You may prevent writing either by taking away w-permission for everybody
  chmod a-w directory
or by preventing users from removing files which they don't own
  chmod +t directory
But the superuser will probably be able to override both of this without
the prior need to change the directory permissions.

There is
  chattr +i file
with some filesystems. I dimly remember we had a discussion about its
effectiveness a while ago ...

Logged into Debian as "richard" SeaMonkey was able to change contents of
those files.

It is a usual strategy against softlink spoofing to rename or delete the
original file and to store the changed content as new file.

Have a nice day :)


Color me confused.
Using "ls- l ..." to track happened I used "chattr" and "chmod" on the same directory. Unsatisfactory.

I need a tutorial. Man pages are unsatisfactory. Sort of like giving someone a dictionary and expecting them to become competent writers.

I used "linux tutorial chmod chattr" [w/o quotes] in both DuckDuckGo and Google. Many were as much use as the dictionary. Many had "tutorial" in neither title nor content. Many discussed "chattr" or "chmod" with only a passing mention of the other. Can anyone point to tutorials which:
    cover both in a single article
    a single author with articles on both
    a single website with articles on both

Thank you.

Reply to: