[Gllug] File permissions and umask on Ubuntu (and I think probably, Debian)

[John Winters]

Anthony Newman wrote:
> John Winters wrote:
>> Anthony Newman wrote:
>>> John Winters wrote:
>>>> If you know a way of achieving this kind of file sharing without 
>>>> setting umasks to 0002 then I'd love to hear it.  Asking users to 
>>>> keep changing their umasks depending on what kind of work they're 
>>>> doing is *not* feasible.
>>>
>>> It appears that your only problem is non-propagation of group 
>>> writable bits to subdirectories
>>
>> and the files therein
>>
> 
> Not really. Directory write permissions override the permission on 
> individual files contained within them. If the dirs are g+w, all users 
> in the same group as the directory may change or delete the files 
> inside, even if the files are a-w. This is slightly paradoxical, but 
> nonetheless true :)

I'm afraid it isn't true.  See the following transcript:

kate at knight:/home/john/test/perm$ groups
kate audio src video
kate at knight:/home/john/test/perm$ ls -al
total 8
drwxrwxrwx  2 john src  4096 2007-01-07 20:25 .
drwxr-sr-x 10 john john 4096 2007-01-07 20:16 ..
-rw-------  1 john john    0 2007-01-07 20:24 foo
kate at knight:/home/john/test/perm$ touch bar
kate at knight:/home/john/test/perm$ echo "Hello" >>foo
-su: foo: Permission denied
kate at knight:/home/john/test/perm$ rm -f foo
kate at knight:/home/john/test/perm$ ls -al
total 8
drwxrwxrwx  2 john src  4096 2007-01-07 20:26 .
drwxr-sr-x 10 john john 4096 2007-01-07 20:16 ..
-rw-r--r--  1 kate kate    0 2007-01-07 20:25 bar
kate at knight:/home/john/test/perm$


The directory permissions control whether or not a user can write to the 
*directory*, not to the files therein.  The user kate can thus happily 
delete the file "foo", but she can't write to it.  Directory permissions 
most definitely *do not* override individual file permissions.

John
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug