Re: [suse-security] permissions question

18 Jun 2000


      On Sun, 18 Jun 2000, Eilert Brinkmann wrote:
...
Jens Kuehnel  wrote:
...
...
...
...
can a root user create a file in a regular user's home
directory so that the regular user can not remove it?
Have a look at the directory-Mode.
Writing a directory means deleting and creating files.
Normaly the best thing is a t-bit like at /tmp.
That won't work in this case. The owner of the directory (i.e., the
regular user who should be the owner of his home directory) will still
be able to delete files he doesn't own. And because he is able to
change his home directory's permissions he even could simply clear the
t-bit. Setting the immutable flag with chattr is the only possible
solution.
Not the only solution ... you could break the users fingers...
or other acts of BOFHness....

Cheers,
GC
-- 
There is something inherently wrong with the world when Bill Gates is a
famous billionaire and Dennis Ritchie lives in relative obscurity.

Re: [suse-security] permissions question

Gregory Conron