We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

About Directory and File Read and Write Rights

tommyliu
tommyliu asked
on
Medium Priority
338 Views
Last Modified: 2010-04-22
Dear all,

   In is possible have a directory that allow all group member Read and Write, but can delete this directory by group member.
  For example : There have a directory call "Company Excel File". All members in "EXCEL" group can read and write in "Company Excel File" directory, but not allow delete "Company Excel File" directory, how can I do it. I use redhat 9.
   Thanks for you help !

Tommy

Comment
Watch Question

yes you do

chmod 740 directory
but on the files you do chmod 750
this means they can read the directory and changes the files in the directory.

http://mason.gmu.edu/~montecin/UNIXpermiss.htm this is a good document on file perms on unix/linux.

To make it clear to change a file you do not have to give write access on the directory permissions :)
I am wrong 4 is read 5 is read execute 6 is read write 7 is all
So it should be 760 on the files instead of 750. If they need to execute it should be 770.

Author

Commented:
Dear bloemkool1980,
   It is impossible for my case. It is because directory chmod 770, the group user can delete the directory.

Tommy
I can understand your directory has that rights but is it needed and if so then you cannot do a lot.

Commented:
Let's assume you have the following :

Directory dirs
containing directory excelfiles
containing files

dirs has to be mode 750 (everybody in the group can go there, list directories and files, but not modify the directory content).
excelfiles has to be 770 (everybody in the group can go there, list directories and files, add files, remove files).

This means that, NO, owners and group can not delete a directory based on it's own access rights.
To delete a directory, the parent directory must bear rights allowing users to modify it's own structure.
The reason for that is that deleting a directory (or a file) means affecting the structure of the parent directory (because you modify it's content).
So the one that has to be protected is the parent.

Is that clear ?
That is what I said and it seems he would like to have 770 on the directory so then ofcourse you cannot protect the directory from being deleted.

Commented:
I'm sorry, but, yes, you can.
Just have the parent directory not in mode 770. Looks like that's the author is looking for.
I you like to have your directory in 770 you cannot do what he tells duhuh
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.