Hello,

I need to know if there is something I am missing about file permission as I believe I am seeing some strange stuff on my system. I have a directory as follows:

drwxrwxrwx 7 root root 4096 Mar 10 13:35 temp

In this directory I have a file:

-rw-r--r-- 1 root root 137 Oct 30 02:16 208-109-248-33test

As a normal user should I be able to rename this file? I believe that only root should be able to modify this file but as a normal user I am able to rename it without elevated privileges as so:

temp $ mv 208-109-248-33test 208-109-248-33-mv

[Sat Mar 10 13:41:05] /temp

temp $ lt 208*
-rw-r--r-- 1 root root 137 Oct 30 02:16 208-109-248-33-mv

How is this possible? If it is possible what am I missing or not understanding? Thnx.

--
Regards
Robert

Linux
The adventure of a lifetime.

Linux User #296285
Get Counted http://linuxcounter.net/

On Saturday, March 10, 2012 01:45:19 PM Robert Spangler wrote:
> drwxrwxrwx 7 root root 4096 Mar 10 13:35 temp
...
> temp $ lt 208*
> -rw-r--r-- 1 root root 137 Oct 30 02:16 208-109-248-33-mv
>
> How is this possible? If it is possible what am I missing or not
> understanding? Thnx.

You have write permissions to the directory; renaming a file needs write on the directory, not on the file.

On Sat, Mar 10, 2012 at 01:45:19PM -0500, Robert Spangler wrote:
> Hello,
>
> I need to know if there is something I am missing about file permission as I
> believe I am seeing some strange stuff on my system. I have a directory as
> follows:
>
> drwxrwxrwx 7 root root 4096 Mar 10 13:35 temp
>
> In this directory I have a file:
>
> -rw-r--r-- 1 root root 137 Oct 30 02:16 208-109-248-33test
>
> As a normal user should I be able to rename this file? I believe that only
> root should be able to modify this file but as a normal user I am able to
> rename it without elevated privileges as so:
>
> temp $ mv 208-109-248-33test 208-109-248-33-mv
>
> [Sat Mar 10 13:41:05] /temp
>
> temp $ lt 208*
> -rw-r--r-- 1 root root 137 Oct 30 02:16 208-109-248-33-mv
>
> How is this possible? If it is possible what am I missing or not
> understanding? Thnx.

As Mr Owen remarks, nothing is broken. To get the mode ("permissions") semantics that you might be expecting, set the "sticky bit" of the directory.

<root> # chmod +t temp

Then the mode will appear as "drwxrwxrwt" (1777 in octal). Notice that this is the same as the mode for /tmp.

"In Unix, everything is a file." Directories are files, too.

Dave
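
An added example, not part of any post in this thread: a small audit for the situation discussed above, finding world-writable directories that lack the sticky bit and the entries in them that look protected by their own mode but can still be renamed or deleted by any user. The function names are hypothetical, and it assumes a `find` that supports `-mindepth`/`-maxdepth` (GNU and BSD `find` do).

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Assumes a find with -mindepth/-maxdepth (GNU and BSD find have them).

# Print directories under ROOT that "other" may write to and that lack the
# sticky bit. Any local user can rename or delete entries in them,
# whatever the owner and mode of the entries themselves.
unsticky_world_writable() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Classify one directory by who may rename or unlink its entries.
dir_rename_policy() {
    if [ -n "$(find "$1" -maxdepth 0 -type d -perm -0002 ! -perm -1000)" ]; then
        echo exposed      # drwxrwxrwx: anyone may rename any entry
    elif [ -n "$(find "$1" -maxdepth 0 -type d -perm -0002 -perm -1000)" ]; then
        echo sticky       # drwxrwxrwt: entry owner, directory owner or root only
    else
        echo restricted   # "other" has no write bit on the directory
    fi
}

# List entries directly inside DIR whose own mode denies write to "other"
# (for example -rw-r--r-- root root). In an exposed directory these are the
# files whose owner may wrongly assume nobody else can rename them.
protected_looking_entries() {
    find "$1" -mindepth 1 -maxdepth 1 ! -perm -0002 -print
}

# When run with a path argument, report every exposed directory below it.
if [ "$#" -gt 0 ]; then
    unsticky_world_writable "$1" | while IFS= read -r d; do
        echo "$d: $(dir_rename_policy "$d")"
        protected_looking_entries "$d" | sed 's/^/    /'
    done
fi
```

The file's own mode still governs reading and modifying its contents; only the directory entry (name, existence) is controlled by the directory's mode.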

Robert Spangler <mlists at zoominternet.net> wrote:
>>How is this possible? If it is possible what am I missing or not understanding? Thnx. <<

Lamar Owen nailed it in his post: renaming a file means updating its directory entry and hence requires write permission on the directory, not the file - which you have as a result of the "other" permissions on the directory:

drwxrwxrwx 7 root root 4096 Mar 10 13:35 temp

If you want the full story, I have an article on my web site (part of a magazine series I wrote, years ago) which explains permissions in detail:

http://www.lesbell.com.au/Home.nsf/web/Controlling+Access+to+Files?OpenDocument

(Other articles are at http://www.lesbell.com.au/Home.nsf/Linux?OpenView)

Best,

--- Les Bell
[http://www.lesbell.com.au]
Tel: +61 2 9451 1144

On Saturday 10 March 2012 13:45, the following was written:

Thnx everyone. I was under the impression that even though you had access to the directory you still could not touch a file that you were not part of the owner or group unless the bits were set.

--
Regards
Robert

Linux
The adventure of a lifetime.

Linux User #296285
Get Counted http://linuxcounter.net/