According to James J. Perry on 4/16/2008 4:25 PM:
| We are in the cutover process and one of the DBAs found this behavior.
| If testfile1 is owned by usera:group1 in a parent directory with
| permissions 777 owned by usera:group1, userb:group2 can delete testfile1
| even if testfile1 has permissions 600. Conversely if the same parent
| directory has permissions 755 and userb owns testfile2 with 777
| permissions they cannot delete their own file from that parent
| directory.

Yes, and POSIX requires this. You probably want to set the directory's
sticky bit.

| I found this happens on rm version 5.2.1 running on RHEL4
| and 5.97 running on RHEL5.

Consider upgrading - the latest stable version is 6.10 (and 6.11 is due
out this month).

| It does not specify anything about this
| behavior in the man pages or other docs. Can you please look into this
| and let me know about this behavior?

POSIX documents it here:
http://www.opengroup.org/onlinepubs/009695399/utilities/rm.html
http://www.opengroup.org/onlinepubs/009695399/functions/unlink.html

In particular, the EACCES errors on unlink() mention that without the
sticky bit, all you need is write access to the directory (and your
directory is world writable); with the sticky bit set, you must also own
the directory and file.

To set the sticky bit, use:

chmod a+t dir
or
chmod 01777 dir

--
Don't work too hard, make some time for fun as well!

Eric Blake [EMAIL PROTECTED]
_______________________________________________
Bug-coreutils mailing list
Bug-coreutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-coreutils
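
An audit for the condition discussed in this thread, as an added example that is not part of the original message or of coreutils: it finds directories that are world-writable but lack the sticky bit, and applies the `chmod a+t` fix given above. The function names `list_unsafe_dirs`, `is_unsafe_dir` and `fix_unsafe_dirs` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). A directory with o+w set and the
# sticky bit clear lets any user unlink or rename the entries in it,
# whatever the mode or owner of the entries themselves.

# list_unsafe_dirs ROOT
# Print each directory under ROOT (same filesystem only) that is
# world-writable (-perm -0002) and not sticky (! -perm -1000).
list_unsafe_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# is_unsafe_dir DIR
# Exit status 0 if DIR itself matches; -prune keeps find from descending.
is_unsafe_dir() {
    [ -d "$1" ] &&
    [ -n "$(find "$1" -prune -type d -perm -0002 ! -perm -1000 -print 2>/dev/null)" ]
}

# fix_unsafe_dirs ROOT
# Set the sticky bit on every finding. Using -exec avoids parsing file
# names, so names containing spaces or newlines are handled correctly.
fix_unsafe_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -exec chmod a+t {} +
}

# When run with a directory argument, report findings with owner and mode
# so they can be reviewed before anything is changed.
if [ "$#" -gt 0 ]; then
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -exec ls -ld {} +
fi
```

Review the report before calling `fix_unsafe_dirs`: a shared drop directory may be world-writable on purpose, and the sticky bit changes who can remove entries from it.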