Re: Is this possible with DAC or ACL?

To: debian-user@lists.debian.org
Subject: Re: Is this possible with DAC or ACL?
From: Reco <recoverym4n@enotuniq.net>
Date: Wed, 6 Jan 2021 18:35:43 +0300
Message-id: <[🔎] E1kxAqd-0003RU-E3@enotuniq.net>
In-reply-to: <[🔎] 2f50d35b-019c-357c-8729-d738cffbe3cd@masson-informatique.fr>
References: <[🔎] 2f50d35b-019c-357c-8729-d738cffbe3cd@masson-informatique.fr>

	Hi.

On Wed, Jan 06, 2021 at 04:32:02PM +0100, Yvan Masson wrote:
> Let's say I have a directory `/dir`. Is it possible to allow a user to
> do whatever he wants inside this directory, but not to delete `/dir`?

To delete a directory a user must have an appropriate permissions to a
higher-level directory.

Taking your example literally:

root@x:/# mkdir /dir
root@x:/# chown user /dir
root@x:/# su - user
user@x:~$ rmdir /dir
rmdir: failed to remove '/dir': Permission denied

Why it behaves so? Because this:

# ls -lad /
drwxr-xr-x 23 root root 4096 Jan  6 15:33 /

Reco

Reply to:

References:
- Is this possible with DAC or ACL?
  - From: Yvan Masson <yvan@masson-informatique.fr>

Prev by Date: Is this possible with DAC or ACL?
Next by Date: Re: [SOLUTION] Re: Bullseye: setting and using $DISPLAY after su -
Previous by thread: Is this possible with DAC or ACL?
Next by thread: Re: Is this possible with DAC or ACL?
Index(es):
- Date
- Thread