Date: Tue, 18 Jan 2011 20:10:10 GMT From: Ihor R <kaba@goodnet.com.ua> To: freebsd-amd64@FreeBSD.org Subject: Re: amd64/154112: user can delete file witch owned by root:wheel Message-ID: <201101182010.p0IKAA5u010462@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR amd64/154112; it has been noted by GNATS. From: Ihor R <kaba@goodnet.com.ua> To: <bug-followup@FreeBSD.org>, <kaba@goodnet.com.ua> Cc: Subject: Re: amd64/154112: user can delete file witch owned by root:wheel Date: Tue, 18 Jan 2011 21:27:23 +0200 On Tue, 18 Jan 2011 16:22:53 GMT, kib@FreeBSD.org wrote: > User home directory is owned by user, right ? > The system works as intended, read about unix file permission model. The home user directory is owned by user, but I quote don't understand how I can provide hosting service for my users, if anybody user can delete any files in his home directory. By example: if I want to block some resources, like site, by adding "deny from all" to .htaccess and replace owner of this file to root:wheel. User can not change this file (rewrite) but he can delete this file any time he wish - and the site will go on to work and can make some steps to damage server. Can you please explain me how can I get back to Unix where users can't delete file which they not own. What steps I need to do to solve current problem. I need that users can't change or delete files, that users not own, anyway it's (files) placed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201101182010.p0IKAA5u010462>