Date: Sun, 16 Jan 2011 03:57:09 +1100 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: perryh@pluto.rain.com
Cc: swegill@gmail.com, freebsd@edvax.de, freebsd-questions@freebsd.org
Subject: Re: httpd-modsec2_debug.log: Operation not permitted
Message-ID: <20110116023315.S62193@sola.nimnet.asn.au>
In-Reply-To: <20110115231949.M62193@sola.nimnet.asn.au>
References: <20110114032629.8042C1065782@hub.freebsd.org> <20110115003107.O62193@sola.nimnet.asn.au> <4d31714c./ou%2Bxrju7k5Jpolu%perryh@pluto.rain.com> <20110115231949.M62193@sola.nimnet.asn.au>

On Sat, 15 Jan 2011, Ian Smith wrote:
 > On Sat, 15 Jan 2011, perryh@pluto.rain.com wrote:
 [..]
 >  > Last I knew having a file open, even for writing, was no protection
 >  > against its last link being removed.  The _inode_ won't go away
 >  > until the last handle is closed, but the _directory entry_ can still
 >  > be removed.
 >
 > Accepting that, why wouldn't root be permitted to rm these files?  It's
 > been shown that they don't have immutable, append-only or other flags
 > set.  Clearly the filesystem is writable, if full.

Still bugging me .. maybe the _directory_ has some system flag/s set?

sola# mkdir test
sola# cd test
sola# touch a b c
sola# ls -lao
total 14
drwxr-xr-x  2 root  wheel  -      512 Jan 16 02:31 .
drwxr-xr-x  4 root  wheel  -    11264 Jan 16 02:31 ..
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 a
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 b
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 c
sola# chflags schg .
sola# ls -lao
total 14
drwxr-xr-x  2 root  wheel  schg   512 Jan 16 02:31 .
drwxr-xr-x  4 root  wheel  -    11264 Jan 16 02:31 ..
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 a
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 b
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 c
sola# rm c
rm: c: Operation not permitted
sola# touch d
touch: d: Operation not permitted
sola# chflags noschg .
sola# rm c
sola# ls -lao
total 14
drwxr-xr-x  2 root  wheel  -      512 Jan 16 02:32 .
drwxr-xr-x  4 root  wheel  -    11264 Jan 16 02:31 ..
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 a
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 b

So on the directory, setting schg achieves Subject behaviour/message,
while sappnd permits adding (and truncating!) but not deleting files.

cheers, Ian

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110116023315.S62193>
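
The check the message performs by eye, as an added example that is not part of the original post: a shell function that reads `ls -lao` output for one directory and reports which entries `rm` would refuse, and whether the directory's flag or the file's own flag is responsible. The function name `rm_blockers` is hypothetical, the listing at the end is constructed from the one in the message, and the flag names other than schg and sappnd (uchg, uappnd, sunlnk, uunlnk) come from chflags(1), not from the message.

```shell
#!/bin/sh
# Added example. Reads `ls -lao` output for ONE directory on stdin and prints
# every entry that rm would refuse with "Operation not permitted", plus the
# flag responsible. Field 5 is the file-flags column, as in the listings above.
rm_blockers() {
    awk '
    # First flag in the comma-separated list "flags" that also appears in "set".
    function hit(flags, set,    n, i, f) {
        n = split(flags, f, ",")
        for (i = 1; i <= n; i++)
            if (index(" " set " ", " " f[i] " ")) return f[i]
        return ""
    }
    NF < 10 { next }                      # skips the "total" line
    {
        name = $10
        for (i = 11; i <= NF; i++) name = name " " $i
        # Flags on "." decide whether entries can be removed from it at all.
        if (name == ".")  { dirflag = hit($5, "schg uchg sappnd uappnd"); next }
        if (name == "..") next
        names[++count] = name
        # Flags on the file itself: immutable, append-only, undeletable.
        own[count] = hit($5, "schg uchg sappnd uappnd sunlnk uunlnk")
    }
    END {
        for (i = 1; i <= count; i++) {
            if (dirflag != "")
                printf "%s: blocked by directory flag %s\n", names[i], dirflag
            else if (own[i] != "")
                printf "%s: blocked by its own flag %s\n", names[i], own[i]
        }
    }'
}

# Constructed sample, modelled on the schg listing in the message.
rm_blockers <<'EOF'
total 14
drwxr-xr-x  2 root  wheel  schg   512 Jan 16 02:31 .
drwxr-xr-x  4 root  wheel  -    11264 Jan 16 02:31 ..
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 a
-rw-r--r--  1 root  wheel  -        0 Jan 16 02:31 b
EOF
```

On a live system the input would be `ls -lao /path/to/dir | rm_blockers`; an empty result means no file flag in that listing explains the refusal.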