httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aaron W Morris <aaronmor...@mindspring.com>
Subject Re: [users@httpd] How to create file which can be deleted by other
Date Sun, 11 Jan 2004 21:08:29 GMT
Andrus Moor wrote:

> My C cgi script called from Apache creates a file:
> 
> umask(0);
> atnFile = fopen( "/tmp/vf000067.atn","w" );
> ...
> fclose( atnFile );
> 
> I want to delete this file from application running from other non-root
> account. Unfortunately, this is not possible:
> 
> andrus@acer:/tmp$ ls -l vf000067.dat
> -rw-rw-rw-    1 www-data www-data      597 Jan 11 15:23 vf000067.dat
> 
> andrus@acer:/tmp$ rm vf000067.dat
> rm: cannot unlink `vf000067.dat': Operation not permitted
> 
> How to create a file in C which can be deleted by other?
> 
> If I swith to root and use
> 
> chmod 0777 vf000067.dat
> 
> file can be deleted in non-root account. However, I cannot switch to root
> inside my application.
> 
> Environment:
> 
> Debian Woody
> Apache 1 and GCC installed by Debian distro in standard way.


You are making incorrect assumptions about how file permissions work. 
Setting mode 0777 (or 0666) on a file will allow any user to modify a 
file, but deleting a file is not modification.  The ability to delete 
depends solely on the permissions of the parent directory.

The solution to your problem is to create a directory under /tmp, give 
the directory mode 0777, and create your files there with at least mode 
0666.

You can have a file, owned by root, with mode 0000 in a directory and 
any user will be able to delete the file as long as said user has write 
permissions to the directory.

I suppose there is an exception to this rule...  /tmp usually has the 
sticky bit set which means that even with mode 1777 only the user (or 
root) that creates a file can modify/delete it.  I suppose running the 
chmod command on the file as root overrides the stickiness (this might 
even be a bug in the filesystem code).

-- 
Aaron W Morris <aaronmorris@mindspring.com> (decep)




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message