-1

"What permissions must be set on a directory to allow one to append data to a file in that directory, but not to remove that file?"

From my understanding, you need the 'w' write permission to append data to a file, but that will also give you the ability to remove the file. However, the question is asking for the permissions that should be set for one to be able to append data to a file BUT not remove it.

Rui F Ribeiro
Matt

2 Answers

3

Appending data to a file requires write permission on the file itself. Removing a file requires write permission on the directory containing the file.

For example, I have a directory called testdir, for which I have removed write permissions:

[haxiel@testvm1 ~]$ ls -ld testdir/
dr-xr-xr-x. 2 haxiel haxiel 26 Nov 23 10:09 testdir/

Inside the directory, I had created a file called testfile.txt (this was done before removing the write permission on the directory).

[haxiel@testvm1 testdir]$ ls -l testfile.txt
-rw-rw-r--. 1 haxiel haxiel 12 Nov 23 10:11 testfile.txt

Now, I am able to append data to the file, since I have write permission on it:

[haxiel@testvm1 testdir]$ echo "Line1" >> testfile.txt
[haxiel@testvm1 testdir]$ echo "Line2" >> testfile.txt
[haxiel@testvm1 testdir]$ cat testfile.txt
Line1
Line2

But I cannot remove the file since I do not have write permissions on its parent directory.

[haxiel@testvm1 testdir]$ rm testfile.txt
rm: cannot remove ‘testfile.txt’: Permission denied

You can look at this question for more details on directory permissions: Execute vs Read bit. How do directory permissions in Linux work?

Haxiel
    Yes, but one could still make the file empty, thus circumventing the whole reason for the question. All the data would still be gone. @Haxiel – Michael Prokopec Nov 23 '18 at 05:11
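The behaviour in the answer above, together with the caveat raised in its comment, as an added example that is not part of the original posts: it checks append, truncate and remove against the same `dr-xr-xr-x` directory and `-rw-rw-r--` file. The function names `try` and `perm_demo` and the scratch directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: append vs. truncate vs. unlink under the permissions
# used in the answer. try and perm_demo are illustrative names.

# Run a command with errors silenced; report "ok" or "denied".
try() { if "$@" 2>/dev/null; then echo ok; else echo denied; fi; }

perm_demo() {
    d=$(mktemp -d) || return 1          # constructed scratch directory
    f="$d/testfile.txt"
    echo "Line1" > "$f"
    chmod 664 "$f"                      # -rw-rw-r--  file stays writable
    chmod 555 "$d"                      # dr-xr-xr-x  no write on directory

    # Appending only needs write permission on the file itself.
    append=$(try sh -c 'echo "Line2" >> "$1"' sh "$f")
    lines=$(wc -l < "$f" | tr -d ' ')

    # Truncating is also just a write to the file, so it is allowed too.
    truncate=$(try sh -c ': > "$1"' sh "$f")
    size=$(wc -c < "$f" | tr -d ' ')

    # Unlinking modifies the directory, so it needs write permission there.
    # A process running with root privileges bypasses this check.
    remove=$(try rm -f "$f")

    chmod 755 "$d"; rm -rf "$d"         # clean up the scratch directory
    echo "append=$append lines=$lines truncate=$truncate size=$size remove=$remove"
}

perm_demo
```

Run as an unprivileged user, the directory mode blocks the removal but does nothing to stop the file's contents from being emptied.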
1

The directory has nothing to do with the file's permissions. The file, if it can be written to, can also be deleted. You could try ACLs, like here: How to give permissions to read write but not delete the file, but that is easily circumvented.

Here is an explanation of file permissions:

(rwx------)  This area is for owner.
(---rwx---)  This area is for group owner.
(------rwx)  This area is for others.
(-rwx------) The preceding - indicates a directory.

Value              | Meaning
===================|==========================================================
777    (rwxrwxrwx) | No restrictions on permissions. Anybody may do anything. Generally not a desirable setting.

755    (rwxr-xr-x) | The file's owner may read, write, and execute the file. All others may read and execute the file. This setting is common for programs that are used by all users.

700    (rwx------) | The file's owner may read, write, and execute the file. Nobody else has any rights. This setting is useful for programs that only the owner may use and must be kept private from others.

666    (rw-rw-rw-) | All users may read and write the file.

644    (rw-r--r--) | The owner may read and write a file, while all others may only read the file. A common setting for data files that everybody may read, but only the owner may change.

600    (rw-------) | The owner may read and write a file. All others have no rights. A common setting for data files that the owner wants to keep private.