LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-05-2011, 08:05 PM   #1
rabir
LQ Newbie
 
Registered: Nov 2011
Posts: 18

Rep: Reputation: Disabled
Question permission [Make my files readable ,writable but couldnot be delete] ?


Dear Everyone

i fell some critical thinking when setting permission for my files & directories on share zone(samba,ftp). i try to set their permission in such a way that a registered user can read & write but couldn't delete a file.

Thnaks in advance.
sorry for my bad english.

please help

Last edited by rabir; 12-05-2011 at 09:23 PM.
 
Old 12-05-2011, 08:11 PM   #2
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996
Deleted due to confusion.

Last edited by corp769; 12-06-2011 at 07:01 AM.
 
0 members found this post helpful.
Old 12-05-2011, 10:42 PM   #3
rabir
LQ Newbie
 
Registered: Nov 2011
Posts: 18

Original Poster
Rep: Reputation: Disabled
Question protect my files & directories to delete ?

Dear all

greetings.

i set permission on FTP files & directories as 644 & 755. but some users can delete the files inside in. how could i make my files non-deletable ?

thanks in advance for replies
 
Old 12-05-2011, 10:48 PM   #4
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996
Deleted.

Last edited by corp769; 12-06-2011 at 06:45 AM.
 
1 members found this post helpful.
Old 12-06-2011, 12:12 AM   #5
rabir
LQ Newbie
 
Registered: Nov 2011
Posts: 18

Original Poster
Rep: Reputation: Disabled
thanks for response

my samba share configuration here
/*
[samba]
comment=public stuff
path=/samba
public=yes
create mask=0664
directory mask=0775
writable=yes

*/

now i try to protect my files to delete.
in my exixting configuration it is available to create & access.
 
Old 12-06-2011, 04:51 AM   #6
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
The thread started with FTP, not Samba. Are you now trying to configure an FTP server or Samba?
 
Old 12-06-2011, 05:00 AM   #7
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
If you grant write access to a file, it could also be emptied. Is this what you want? Usually it’s set up by disallowing a write to the directory itself (but then they also couldn’t create a file).
 
Old 12-06-2011, 05:59 AM   #8
mesuutt
Member
 
Registered: Jan 2011
Location: İstanbul
Distribution: Slackware,Debian
Posts: 62

Rep: Reputation: 1
Wink

I hope sticky bit solve your problem .
If you add sticky bit to parent directory of files, anyone can't remove files in directory.Only file's owner can remove files
Code:
chmod +t <parent directory of your files>
See : http://en.wikipedia.org/wiki/Sticky_bit
 
Old 12-06-2011, 06:17 AM   #9
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996
Deleted. Sorry for any inconveniences.....

Last edited by corp769; 12-06-2011 at 06:45 AM.
 
Old 12-06-2011, 06:54 AM   #10
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,188
Blog Entries: 4

Rep: Reputation: 220Reputation: 220Reputation: 220
I hope you know about sticky bit

You can use this

Code:
#chmod 1664 /path/to/share
or
#chmod -R 1664 /path/to/share
change the permission as per your requirements and "1" represents sticky bit

check this link for more information on sticky bit

http://www.linuxquestions.org/questi...d-sgid-258719/
 
Old 12-06-2011, 06:56 AM   #11
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,188
Blog Entries: 4

Rep: Reputation: 220Reputation: 220Reputation: 220
Quote:
Originally Posted by rabir View Post
Dear Everyone

i fell some critical thinking when setting permission for my files & directories on share zone(samba,ftp). i try to set their permission in such a way that a registered user can read & write but couldn't delete a file.

Thnaks in advance.
sorry for my bad english.

please help
you have asked same type of question in two threads....?

http://www.linuxquestions.org/questi...delete-917320/
 
Old 12-06-2011, 07:00 AM   #12
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996
Ahh, that's why I referred to samba in that other one originally. I wasn't crazy after all! Thanks for pointing that out. Reporting this thread to be closed, since this thread is newer.
 
Old 12-06-2011, 07:16 AM   #13
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: rhel 5x,6.0,6.2, centOS 5x,6.0,6.2
Posts: 1,188
Blog Entries: 4

Rep: Reputation: 220Reputation: 220Reputation: 220
Quote:
Originally Posted by corp769 View Post
Ahh, that's why I referred to samba in that other one originally. I wasn't crazy after all! Thanks for pointing that out. Reporting this thread to be closed, since this thread is newer.
Well if you are closing that thread then I will repost my answer in this thread

Quote:
Originally Posted by rabir View Post
Dear Everyone

i fell some critical thinking when setting permission for my files & directories on share zone(samba,ftp). i try to set their permission in such a way that a registered user can read & write but couldn't delete a file.

Thnaks in advance.
sorry for my bad english.

please help
I hope you know about sticky bit

You can use this


Code:
#chmod 1664 /path/to/share
or
#chmod -R 1664 /path/to/share
change the permission as per your requirements and "1" represents sticky bit

check this link for more information on sticky bit

http://www.linuxquestions.org/questi...d-sgid-258719/
 
Old 12-06-2011, 07:17 AM   #14
corp769
Guru
 
Registered: Apr 2005
Posts: 5,807

Rep: Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996Reputation: 996
+1 to the sticky bit.

And sorry for any confusion before within my posts. I deleted them because nothing seemed right after reading them.
 
1 members found this post helpful.
Old 12-06-2011, 07:30 AM   #15
EricTRA
Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290Reputation: 1290
Hello,

You could also check out chattr. The advantage is that whatever attributes you change will not show with an ordinary ls, you'll need lsattr. And only root can change the attributes if you need to change them again.
Quote:
DESCRIPTION
chattr changes the file attributes on a Linux file system.

The format of a symbolic mode is +-=[acdeijstuADST].

The operator `+' causes the selected attributes to be added to the existing attributes of the files; `-' causes them to be removed; and `=' causes them to
be the only attributes that the files have.

The letters `acdeijstuADST' select the new attributes for the files: append only (a), compressed (c), no dump (d), extent format (e), immutable (i), data
journalling (j), secure deletion (s), no tail-merging (t), undeletable (u), no atime updates (A), synchronous directory updates (D), synchronous updates
(S), and top of directory hierarchy (T).

The following attributes are read-only, and may be listed by lsattr(1) but not modified by chattr: huge file (h), compression error (E), indexed directory
(I), compression raw access (X), and compressed dirty file (Z).
Kind regards,

Eric
 
1 members found this post helpful.
  


Reply

Tags
ftp, permission


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Recursive delete specific files from sub-directories. guriinii Linux - Newbie 11 03-07-2011 10:41 AM
sticky bit: how to protect directories but not files inside alexandrusa Linux - Server 8 03-27-2008 10:35 AM
How to delete files in many directories? pandronic Linux - Newbie 3 10-23-2006 09:20 AM
Need to delete directories with files using command line FTP Zombie13 Linux - Software 2 03-10-2006 10:23 PM
Cant delete directories/files skopje909 Linux - General 2 11-07-2001 05:59 PM


All times are GMT -5. The time now is 02:52 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration