Wrong security attributes. Maybe a bug?

Joshua C. joshuacov at googlemail.com
Thu Jan 22 06:50:39 UTC 2009


2009/1/21 Steve Grubb <sgrubb at redhat.com>:
> On Wednesday 21 January 2009 05:19:39 pm nodata wrote:
>> On Tuesday, 20.01.2009, 06:44 -0500, Steve Grubb wrote:
>> > On Monday 19 January 2009 04:13:09 pm Manuel Wolfshant wrote:
>> > > actually after chattr +i not even root can modify / delete the file:
>> >
>> > True. But you can chattr -i ./foo and then edit the file remembering to
>> > make it immutable again when you are done editing it. Not as automatic as
>> > one might like, but that's how to do it.
>>
>> That would mean a race though. Better to fix directory permissions :)
>
> The original question was about a file owned by root but readable by others. I
> assume 0644 permissions. The root ownership still protects it.
>
> -Steve
>

This makes part of it useless: If the owner is root but I still can
delete/modify the file (because of dir permissions) then the ownership
doesn't matter. The file was set to 444. The idea was to have a file
that cannot be deleted/modified but only read by everyone regardless
of the directory permissions. And the only suitable answer is to set
it +i.
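
Added example, not part of the original message: a shell sketch of the point discussed in this thread, that unlinking or replacing a file is governed by write permission on its parent directory rather than by the file's own mode or owner. The function names and the temporary paths are constructed for illustration; GNU stat is assumed, and ACLs and the immutable flag are not inspected.

```shell
#!/bin/sh
# Added example. All paths are constructed under a mktemp directory.

# Print who, besides root, may unlink or rename entries in FILE's parent
# directory, judged from the directory's mode bits alone (ACLs ignored).
unlink_exposure() {
    dir=$(dirname -- "$1")
    mode=$(stat -c '%a' -- "$dir") || return 2   # GNU stat: e.g. 755, 1777
    bits=$((0$mode))                             # leading 0: parse as octal
    if [ $((bits & 0002)) -ne 0 ]; then
        # Sticky bit limits unlink to the file owner and the directory owner.
        if [ $((bits & 01000)) -ne 0 ]; then
            echo world-sticky
        else
            echo world
        fi
    elif [ $((bits & 0020)) -ne 0 ]; then
        echo group
    else
        echo owner
    fi
}

# Replace a mode-444 file through its directory without ever opening it
# for writing, then print the file's content.
replace_readonly_demo() {
    d=$(mktemp -d) || return 1
    echo original > "$d/foo"
    chmod 444 "$d/foo"
    echo replaced > "$d/foo.new"
    mv -f "$d/foo.new" "$d/foo"    # rename(2) needs write on $d, not on foo
    cat "$d/foo"
    rm -rf "$d"
}

replace_readonly_demo
```

A result of `world` or `group` from `unlink_exposure` means the 444 mode on the file gives no protection against removal or replacement by those users.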



