Date: Tue, 18 Jan 2011 21:11:05 +0200 From: Ihor R <kaba@goodnet.com.ua> To: <kib@FreeBSD.org> Cc: freebsd-amd64@FreeBSD.org Subject: Re: amd64/154112: user can delete file witch owned by root:wheel Message-ID: <c22200ee7f20df00817966dbd7d3a6c9@goodnet.com.ua> In-Reply-To: <201101181622.p0IGMrfs074713@freefall.freebsd.org> References: <201101181622.p0IGMrfs074713@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 18 Jan 2011 16:22:53 GMT, kib@FreeBSD.org wrote: > User home directory is owned by user, right ? > The system works as intended, read about unix file permission model. > The home user directory is owned by user, but I quote don't understand how I can provide hosting service for my users, if anybody user can delete any files in his home directory. By example: if I want to block some resources, like site, by adding "deny from all" to .htaccess and replace owner of this file to root:wheel. User can not change this file (rewrite) but he can delete this file any time he wish - and the site will go on to work and can make some steps to damage server. Can you please explain me how can I get back to Unix where users can't delete file which they not own. What steps I need to do to solve current problem. I need that users can't change or delete files, that users not own, anyway it's (files) placed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c22200ee7f20df00817966dbd7d3a6c9>