ftp download problem

mkhsy · September 19, 2005, 3:44am

from windows ftp tool even you are not root user you can delete root files

blowtorch · September 19, 2005, 5:08am

So what exactly is your question? And if it is about Windows, isn't it the wrong category?

mkhsy · September 19, 2005, 5:32am

the question is when i coneect via windows ftp tool to HP UX from a user not root i can delete and modify root files

vgersh99 · September 19, 2005, 7:05am

hmmmmmm... still sounds like a statement to me!

denverd0n · September 19, 2005, 11:13am

It would appear that English is not your first language, and you're having some trouble wording your question. It would also appear to me that what you're trying to ask is, how do you delete files owned by root when you are not connected as root?

The answer to that question is, root must set the permissions on those files so that whoever you are logging in as has permission to delete them.

I hope this helps.

mkhsy · September 22, 2005, 12:48am

it seems you all don't understand what i want
my question is :
why when i connect to HP UX (via windows ftp tool and with non root user) i can delete any file , so what the solution to stop this ?

RishiPahuja · September 22, 2005, 1:30am

dear what you mean by any file? is it irrespective of file permissions you are able to delete?

I think why you are able to delete files by user other then root because the directory files reside have rw permissions set for all users.

Will be good if you can post the parent directory permissions as well some sample files permissions which you are able to delete.

rishi

denverd0n · September 22, 2005, 11:15am

Apparently I had your question backwards. It now seems that you want to know how to prevent a user from deleting files that do not belong to that user. This has nothing to do with FTP. It has to do with the permissions that are set for the files. If any random user is able to delete a file owned by root it is because the file permissions are set to allow that.

Here is an example of a file listing for a file owned by "anyuser" that can be written to and/or deleted by everyone on the system:

-rw-rw-rw- 2 anyuser mygrp 96 Apr 12 10:22 filename

If I wanted to prevent other users from being able to delete this file I would issue the following command:

chmod 644 filename

After that the file listing would look like this:

-rw-r--r-- 2 anyuser mygrp 96 Apr 12 10:22 filename

Other users are now allowed to read the file, but cannot delete it or change it.

Perderabo · September 22, 2005, 12:04pm

RishiPahuja is correct, file deletion is controlled by write permission to the directory that contains the link. See Unix File Permissions