From: R on 27 Apr 2010 08:23

I can delete other user's files in '/Users/Shared'.

E.g., this test file:

bash: ls -el testfile
-rw-r--r-- 1 cubic wheel 0 27 Apr 13:09 testfile

(I am not the user 'cubic'). In Finder the file goes to the trash can
immediately. At a bash prompt:

bash: rm testfile
override rw-r--r-- cubic/wheel for testfile? y
bash:

These are the permissions for '/Users/Shared':

bash: ls -eld /Users/Shared/
drwxrwxrwt 15 root wheel 510 27 Apr 13:11 /Users/Shared/

I'm perplexed! This behaviour seems to go against
what is written here:

http://osxfaq.com/Tutorials/LearningCenter/AdvancedUnix/ugp2/index.ws

From: Bruce Horrocks on 27 Apr 2010 16:59

On 27/04/2010 13:23, R wrote:
> I can delete other user's files in '/Users/Shared'.
>
> E.g., this test file:
>
> bash: ls -el testfile
> -rw-r--r-- 1 cubic wheel 0 27 Apr 13:09 testfile
>
> (I am not the user 'cubic'). In Finder the file goes to the trash can
> immediately. At a bash prompt:
>
> bash: rm testfile
> override rw-r--r-- cubic/wheel for testfile? y
> bash:

And did the file get deleted or not? I presume yes because at the top
you wrote "I can delete other user's files in '/Users/Shared'."

>
> These are the permissions for '/Users/Shared':
>
> bash: ls -eld /Users/Shared/
> drwxrwxrwt 15 root wheel 510 27 Apr 13:11 /Users/Shared/
>
> I'm perplexed! This behaviour seems to go against
> what is written here:
>
> http://osxfaq.com/Tutorials/LearningCenter/AdvancedUnix/ugp2/index.ws

What has gone against what?

You appear to have deleted a file without being the owner and that is
exactly what this page says can happen.

--
Bruce Horrocks
Surrey
England
(bruce at scorecrow dot com)

From: Jaimie Vandenbergh on 27 Apr 2010 17:03

On Tue, 27 Apr 2010 21:59:13 +0100, Bruce Horrocks
<07.013(a)scorecrow.com> wrote:

>On 27/04/2010 13:23, R wrote:
>> I can delete other user's files in '/Users/Shared'.
>>
>> E.g., this test file:
>>
>> bash: ls -el testfile
>> -rw-r--r-- 1 cubic wheel 0 27 Apr 13:09 testfile
>>
>> (I am not the user 'cubic'). In Finder the file goes to the trash can
>> immediately. At a bash prompt:
>>
>> bash: rm testfile
>> override rw-r--r-- cubic/wheel for testfile? y
>> bash:
>
>And did the file get deleted or not? I presume yes because at the top
>you wrote "I can delete other user's files in '/Users/Shared'."
>
>>
>> These are the permissions for '/Users/Shared':
>>
>> bash: ls -eld /Users/Shared/
>> drwxrwxrwt 15 root wheel 510 27 Apr 13:11 /Users/Shared/
>>
>> I'm perplexed! This behaviour seems to go against
>> what is written here:
>>
>> http://osxfaq.com/Tutorials/LearningCenter/AdvancedUnix/ugp2/index.ws
>
>What has gone against what?
>
>You appear to have deleted a file without being the owner and that is
>exactly what this page says can happen.

No, it says that will happen *unless* the sticky bit is set on the
containing folder - which it is. Then only the folder or file owner
should be able to delete.

Unless R's user is also in group wheel, in which case it is one of the
folder owners?

I can't see anywhere that the page says which version of OSX it
applies to - perhaps this is another of those things that Apple have
(wrongly) deemed unnecessary recently?

Cheers - Jaimie
--
"On two occasions I have been asked [by members of Parliament], 'Pray,
Mr. Babbage, if you put into the machine wrong figures, will the right
answers come out?' I am not able rightly to apprehend the kind of
confusion of ideas that could provoke such a question."

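The sticky-directory rule discussed in the post above, written out as a check on mode bits. This is an added example, not part of the thread: the numeric ids (root 0, wheel 0, cubic 501, an ordinary user 502 whose only group is 20) are constructed for illustration, and ACLs, which 'ls -e' would list, are not evaluated.

```python
import os
import stat

def may_unlink(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """Traditional Unix unlink decision from mode bits alone (no ACLs)."""
    if uid == 0:
        return True, "superuser"
    # Pick the permission class that applies to this user on the directory.
    if uid == dir_uid:
        w, x = stat.S_IWUSR, stat.S_IXUSR
    elif dir_gid in gids:
        w, x = stat.S_IWGRP, stat.S_IXGRP
    else:
        w, x = stat.S_IWOTH, stat.S_IXOTH
    if not (dir_mode & w and dir_mode & x):
        return False, "no write+search permission on directory"
    if not dir_mode & stat.S_ISVTX:
        return True, "directory writable, no sticky bit"
    # Sticky directory: only the file's owner or the directory's owner may
    # remove the entry. Membership of the directory's group is not ownership.
    if uid == file_uid:
        return True, "owner of file"
    if uid == dir_uid:
        return True, "owner of directory"
    return False, "sticky bit set, user owns neither file nor directory"

def check_path(directory, name, uid, gids):
    """Apply may_unlink() to a real directory entry using lstat()."""
    d = os.lstat(directory)
    f = os.lstat(os.path.join(directory, name))
    return may_unlink(d.st_mode, d.st_uid, d.st_gid, f.st_uid, uid, gids)

# Constructed stand-in for the listing in the thread: drwxrwxrwt root wheel.
SHARED_MODE = stat.S_IFDIR | 0o1777

if __name__ == "__main__":
    cases = [("cubic", 501, {20}), ("ordinary", 502, {20}), ("root", 0, {0})]
    for label, uid, gids in cases:
        # The file is owned by cubic (501); the directory by root:wheel (0:0).
        print(label, may_unlink(SHARED_MODE, 0, 0, 501, uid, gids))
```

check_path() can be pointed at a real entry, for example check_path('/Users/Shared', 'testfile', os.getuid(), set(os.getgroups())), to compare what the mode bits predict with what rm actually does.
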
From: R on 28 Apr 2010 03:43

Bruce Horrocks <07.013(a)scorecrow.com> wrote:

> On 27/04/2010 13:23, R wrote:
> > I can delete other user's files in '/Users/Shared'.
> >
> > E.g., this test file:
> >
> > bash: ls -el testfile
> > -rw-r--r-- 1 cubic wheel 0 27 Apr 13:09 testfile
> >
> > (I am not the user 'cubic'). In Finder the file goes to the trash can
> > immediately. At a bash prompt:
> >
> > bash: rm testfile
> > override rw-r--r-- cubic/wheel for testfile? y
> > bash:
>
> And did the file get deleted or not? I presume yes because at the top
> you wrote "I can delete other user's files in '/Users/Shared'."

Yep. If you can't delete the file you will see "Permission denied".

From: R on 28 Apr 2010 04:20

Jaimie Vandenbergh <jaimie(a)sometimes.sessile.org> wrote:

> No, it says that will happen *unless* the sticky bit is set on the
> containing folder - which it is. Then only the folder or file owner
> should be able to delete.
>
> Unless R's user is also in group wheel, in which case it is one of the
> folder owners?

I've checked my group membership and I'm not a member of wheel.

> I can't see anywhere that the page says which version of OSX it
> applies to - perhaps this is another of those things that Apple have
> (wrongly) deemed unnecessary recently?

Hmmz. This is not good. I had two files in '/Users/Shared'. One named
'hello' (don't ask me why!) created by 'cubic', the admin. The other
was named "testfile" and created by an ordinary user. Then, having
logged in as that ordinary user:

bash: cd /Users/Shared/
bash: rm hello
override rw-r--r-- cubic/wheel for hello? y
rm: hello: Permission denied
bash: rm testfile
bash: rm hello
override rw-r--r-- cubic/wheel for hello? y
bash:

Oh dear! Something is terribly wrong here. It's almost as if... the
'/Users/Shared' directory file is being left open with write access
after the first 'rm' and that allows the subsequent 'rm' to go through
unopposed.

Can any of you replicate this? If you can, it looks like an ugly bug
and one I need to report asap.

Thanks,

R.