[clug-talk] File permissions: add but not modify/delete?
curtis.sloan at shaw.ca
Fri Nov 26 17:08:24 PST 2004
On Fri November 26 2004 17:25, William Astle wrote:
> You can force the group of the files in the directory to match the group
> of the directory by setting the SGID bit. If the SUID bit worked
> similarly for directories, you could use that to accomplish what you
> wanted from the user owning the file perspective. It doesn't behave that
> way, though. Even with that, however, you would still have the umask
> problem; whatever the user sets the umask to still applies to the file
> after it was created so if the user's umask allows group write/read on
> the file, they'll still be able to read/modify the file (even if they
> can't delete it).
> All nice and straightforward, eh?
Actually, yes, that makes sense. I forgot about some *nix permissions
fundamentals and now that I've been reminded it all fits into place.
Fortunately, it's not a big deal that the user not be able to modify created
files this time. So sticky bits will do nicely (I've never actually used
them before, so this will be a good excuse to practice).
Thanks to everyone who contributed.
More information about the clug-talk