LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-09-2004, 03:03 AM   #1
vincebs
Member
 
Registered: Oct 2003
Location: Mississauga, ON
Distribution: Ubuntu 9.04
Posts: 494

Rep: Reputation: 30
How to keep people from deleting certain files?


Hi everyone,

I created a /downloadz directory where Internet downloads automatically go to. I want to keep some of these files write-protected so that no one but root can delete them but I'm not sure how. Here is what I tried:

1.) chgrp root filename
2.) chown root filename
3.) chmod 644 filename

Yet any normal user can just type "rm -f filename" and the file will magically disappear. How do I stop this?

Thanks,
Vince
 
Old 04-09-2004, 03:21 AM   #2
beejayzed
Member
 
Registered: Jan 2004
Location: Auckland, New Zealand
Distribution: Ubuntu
Posts: 686

Rep: Reputation: 30
Alright, I can tell you. You need to make the owner of the file root, you can let other users access it but not delete it.
I'm not familiar with how to do this in the terminal but in konqueror in KDE 3.2 there is a sticky option that you need to check so that other users can't delete it.
 
Old 04-09-2004, 07:21 AM   #3
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Rep: Reputation: 52
Holy crap you are right [vincebs]! Hmmm, this is baffling me. Let me see if google can help solve this...i'm too am very curious as to why this allows a user to delete this file.

-twantrd
 
Old 04-09-2004, 01:37 PM   #4
mikshaw
LQ Addict
 
Registered: Dec 2003
Location: Maine, USA
Distribution: Slackware/SuSE/DSL
Posts: 1,320

Rep: Reputation: 45
from chmod manpage:
Code:
STICKY DIRECTORIES
       When the sticky bit is set on a directory, files  in  that
       directory may be unlinked or renamed only by root or their
       owner.  Without the sticky bit, anyone able  to  write  to
       the  directory can delete or rename files.  The sticky bit
       is commonly found on directories, such as /tmp,  that  are
       world-writable.
 
Old 04-10-2004, 10:10 PM   #5
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Rep: Reputation: 52
Hi,

I tried doing this on my home dir. So for example:

as root:
1. cd /home/twantrd
2. touch test.txt; chmod 644 test.txt; chown root.root test.txt

as twantrd:
1. ls -al /home/twantrd = -rw-r--r--
2. rm test.txt (works)

So, I need to create the sticky bit on /home/twantrd (and all other home directories) to prevent others from deleting 'test.txt'?? I thought the sticky bit was used so that normal users can execute binaries/scripts as root. Am i wrong?

If you look at permission on /root it is = drwxr-xr-x
There is no sticky bit there as you can tell. I created a file called 'twantrdtest.txt' and did same steps as root. However, normal users cannot delete that file. WHY?


-twantrd
 
Old 04-11-2004, 05:59 PM   #6
vincebs
Member
 
Registered: Oct 2003
Location: Mississauga, ON
Distribution: Ubuntu 9.04
Posts: 494

Original Poster
Rep: Reputation: 30
How do you create a "sticky bit"? I don't get it. What does "set user ID", "set group ID", and "set sticky attribute" mean?
 
Old 04-11-2004, 08:46 PM   #7
oot
Member
 
Registered: Dec 2002
Distribution: Slackware 12.0
Posts: 240

Rep: Reputation: 30
I don't think you need to worry about the "sticky bit" stuff just to do this. Whether or not a user can delete a file depends on whether or not the user has write permission on the file's directory. So if you wanted to keep everybody but the file's owner from deleting it, you could do "chmod go-w /directory/the/file/is/in/".
 
Old 04-12-2004, 03:01 PM   #8
twantrd
Senior Member
 
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Rep: Reputation: 52
oot,

The directory has -rw-r--r--. There is no 'write' bit on the directory but the user can still delete it. My only guess is the sticky bit. How can you tell that the sticky bit is in place?? Just do 'ls -al' and you should see something like rws-r-sr-s.....something like that?

-twantrd
 
Old 04-12-2004, 03:22 PM   #9
itsme86
Senior Member
 
Registered: Jan 2004
Location: Oregon, USA
Distribution: Slackware
Posts: 1,246

Rep: Reputation: 59
The sticky bit is 't'. So you can do 'chmod a+t /home/twantrd' to make the directory sticky.

'man' is your friend. Type 'man chmod'. It tells you all about it.
 
Old 04-12-2004, 03:40 PM   #10
Nis
Member
 
Registered: Jul 2003
Location: Virginia
Distribution: Ubuntu Hoary (5.04)
Posts: 550

Rep: Reputation: 31
If you really want to keep those files around, you can make a file 'immutable'. Just
Code:
chmod +i file
Nothing will be able to delete or edit the file now, not even the user who owns it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
For people how want to play WMA files without converting MP3 files waelaltaqi Linux - Software 15 11-17-2005 09:30 AM
Deleting files in C monil Programming 4 03-13-2005 11:33 AM
Need to protect files from people with su ability cotton213 Linux - Security 5 12-10-2004 09:56 PM
Deleting files ShakyJake Linux - Newbie 12 05-08-2003 04:07 PM
Deleting files Tingle Linux - Newbie 4 01-16-2003 05:19 PM


All times are GMT -5. The time now is 08:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration