[clug-talk] File permissions: add but not modify/delete?

Adil Kodian akodian at gmail.com
Fri Nov 26 15:09:41 PST 2004


On Fri, 26 Nov 2004 15:51:50 -0700, Curtis Sloan <curtis.sloan at shaw.ca> wrote:
> I have a directory that I want group 'x' to be able to write to, but not
> modify/delete existing files (yes, that would include files they just added).
> I'm no expert, but as far as I can tell standard *nix permissions don't have

yes they can - you have a ready made example in the /tmp directory.

All users can write to the /tmp directory, but you cannot read or
modify other users files.

how do you do it ?

set the sticky bit on and set gid.

this means that any file created in the /tmp directory would have
group ownership of the parent directory's group.  so the file created
in the /tmp directory by a user a of group x will have ownership by
user a and group ownership as root.

so you cannot clobber othr users files in the /tmp directory.

i believe this is what you are looking for.

ACLs are rarely useful unless you have a scenario where bob and mary
want to share write access on a file that no one else in their groups
should have access to.



More information about the clug-talk mailing list