1

Bob is the sysadmin.

Alice is a user, and boy is she a mess.

Bob has set up a shared folder, say /srv/share, with permissions of 775 and ownership belonging to bob:usershares.

Alice is not a part of the usershare group.

Bob mv's one of Alice's files named "prescriptions.pdf" to the the /srv/share directory. It maintains the ownership of alice:alice. Bob mistakenly assumes the file is safe, as Alice cannot delete or rename the file due to directory permissions.

One day Alice forgets to take her medication, and has an episode. She can't delete that file, so she executes echo "" > /srv/share/prescriptions.pdf

Now none of her coworkers know what to do.

Bob could have made the share directory without global r or x permissions, but several daemons also require read access to files in that directory, and some of those daemons Bob would rather keep from having w permissions, so he only has users in the usershare group.

Surely Bob would not have to religiously change file ownership every time a file is moved to that directory. What else could Bob have done to prevent certain users altering files in that directory?

sunshine
  • 11
  • Ahh... the BSD file permission problem....... BSD Permissions ... Sticky Bit ... change the owner of all files in the shared directory since the directory permissions are not inherited to files in the directory.... Shared Write – RubberStamp Mar 12 '18 at 03:34
  • 1
  • yes, it's not at all unreasonable to expect Bob, or root, to chown files he doesn't want someone else to have write access to. Carelessness has consequences. Also, cron exists. 2. Read up on Access Control Lists (ACLs). 3. (relevant only if root account is used) the root user can use chattr to make the file immutable - e.g. see https://unix.stackexchange.com/questions/48579/why-can-rm-remove-read-only-files/48588#48588
    • – cas Mar 12 '18 at 03:58