You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Andrus Moor <ee...@online.ee> on 2004/01/11 15:41:54 UTC
[users@httpd] How to create file which can be deleted by other
My C cgi script called from Apache creates a file:
umask(0);
atnFile = fopen( "/tmp/vf000067.atn","w" );
...
fclose( atnFile );
I want to delete this file from application running from other non-root
account. Unfortunately, this is not possible:
andrus@acer:/tmp$ ls -l vf000067.dat
-rw-rw-rw- 1 www-data www-data 597 Jan 11 15:23 vf000067.dat
andrus@acer:/tmp$ rm vf000067.dat
rm: cannot unlink `vf000067.dat': Operation not permitted
How to create a file in C which can be deleted by other?
If I swith to root and use
chmod 0777 vf000067.dat
file can be deleted in non-root account. However, I cannot switch to root
inside my application.
Environment:
Debian Woody
Apache 1 and GCC installed by Debian distro in standard way.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] How to create file which can be deleted by
other
Posted by Marty Landman <ML...@face2interface.com>.
At 09:41 AM 1/11/2004, Andrus Moor wrote:
>I want to delete this file from application running from other non-root
>account. Unfortunately, this is not possible:
>
>How to create a file in C which can be deleted by other?
>
>If I swith to root and use
>
>chmod 0777 vf000067.dat
>
>file can be deleted in non-root account. However, I cannot switch to root
>inside my application.
Andrus, I write apps in Perl and PHP mainly but I don't think the language
used is relevant. At the time you create the file change the permissions to
777, or the least restrictive you can arrange; e.g. if the other user can
be put in the same group as the creator of the file then 664 might be enough.
Marty Landman Face 2 Interface Inc 845-679-9387
Sign On Required: Web membership software for your site
Make a Website: http://face2interface.com/Home/Demo.shtml
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] How to create file which can be deleted by other
Posted by Aaron W Morris <aa...@mindspring.com>.
Andrus Moor wrote:
> My C cgi script called from Apache creates a file:
>
> umask(0);
> atnFile = fopen( "/tmp/vf000067.atn","w" );
> ...
> fclose( atnFile );
>
> I want to delete this file from application running from other non-root
> account. Unfortunately, this is not possible:
>
> andrus@acer:/tmp$ ls -l vf000067.dat
> -rw-rw-rw- 1 www-data www-data 597 Jan 11 15:23 vf000067.dat
>
> andrus@acer:/tmp$ rm vf000067.dat
> rm: cannot unlink `vf000067.dat': Operation not permitted
>
> How to create a file in C which can be deleted by other?
>
> If I swith to root and use
>
> chmod 0777 vf000067.dat
>
> file can be deleted in non-root account. However, I cannot switch to root
> inside my application.
>
> Environment:
>
> Debian Woody
> Apache 1 and GCC installed by Debian distro in standard way.
You are making incorrect assumptions about how file permissions work.
Setting mode 0777 (or 0666) on a file will allow any user to modify a
file, but deleting a file is not modification. The ability to delete
depends solely on the permissions of the parent directory.
The solution to your problem is to create a directory under /tmp, give
the directory mode 0777, and create your files there with at least mode
0666.
You can have a file, owned by root, with mode 0000 in a directory and
any user will be able to delete the file as long as said user has write
permissions to the directory.
I suppose there is an exception to this rule... /tmp usually has the
sticky bit set which means that even with mode 1777 only the user (or
root) that creates a file can modify/delete it. I suppose running the
chmod command on the file as root overrides the stickiness (this might
even be a bug in the filesystem code).
--
Aaron W Morris <aa...@mindspring.com> (decep)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org