[clug-talk] File permissions: add but not modify/delete?
akodian at gmail.com
Fri Nov 26 15:09:41 PST 2004
On Fri, 26 Nov 2004 15:51:50 -0700, Curtis Sloan <curtis.sloan at shaw.ca> wrote:
> I have a directory that I want group 'x' to be able to write to, but not
> modify/delete existing files (yes, that would include files they just added).
> I'm no expert, but as far as I can tell standard *nix permissions don't have

Yes they can - you have a ready-made example in the /tmp directory.
All users can write to the /tmp directory, but you cannot read or
modify other users' files.

How do you do it?
Set the sticky bit on and set gid.

This means that any file created in the /tmp directory would have
group ownership of the parent directory's group. So the file created
in the /tmp directory by a user a of group x will have ownership by
user a and group ownership as root.
So you cannot clobber other users' files in the /tmp directory.
I believe this is what you are looking for.

ACLs are rarely useful unless you have a scenario where bob and mary
want to share write access on a file that no one else in their groups
should have access to.
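
What the two bits named in the reply do on a Linux directory, as an added shell example that is not part of the original post: setgid makes new files inherit the directory's group, and the sticky bit restricts unlink and rename to the file's owner, the directory's owner and root. The function names and the `drop`/`loose` paths are assumptions made for the demonstration, and everything is created under a throwaway `mktemp` directory.

```shell
#!/bin/sh
# Added example, not from the original post. All paths are constructed.

# 1000 = sticky bit, 2000 = setgid, 770 = rwx for owner and group only.
make_shared_dir() {
    mkdir -p "$1" && chmod 3770 "$1"
}

# Print the 10-character mode string of a path, e.g. drwxrws--T
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# Print the numeric group id of a path (4th column of ls -ldn).
group_of() {
    ls -ldn "$1" | awk '{print $4}'
}

# Hardening check: list directories under $1 that group or others can
# write to but that lack the sticky bit, so any writer there can unlink
# or rename files belonging to someone else.
writable_without_sticky() {
    find "$1" -type d \( -perm -0020 -o -perm -0002 \) ! -perm -1000
}

demo() {
    base=$(mktemp -d) || return 1
    make_shared_dir "$base/drop"
    mkdir "$base/loose" && chmod 0770 "$base/loose"   # same access, no sticky bit
    : > "$base/drop/report.txt"
    echo "drop mode:  $(mode_string "$base/drop")"
    echo "dir group:  $(group_of "$base/drop")"
    echo "file group: $(group_of "$base/drop/report.txt")"
    echo "flagged:    $(writable_without_sticky "$base")"
    # Single-user demo: denial of another user's rm needs a second account.
    # The file's own owner is not restricted by the sticky bit:
    rm "$base/drop/report.txt" && echo "owner removed own file"
    rm -rf "$base"
}

demo
```
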