Marc Perkel wrote: > That not a problem - it's a feature. In such a > situation the person would get a general file creation > error.
Feature or not, it's still vulnerable to probing by malicious users. If there are create permissions on the directory, the invisibility is not perfect. > Although it isn't likely people would structure > files with invisible files in directories that the > user has create permissions [...] ... /tmp ... > [...] it is logical that if I > put a file in a place where the user has no rights I > want it to stay there. Currently the user can delete > files where they have no rights. Indeed. The sticky bit works around this, but IMHO it's a hack. > I might also want to restrict the kind of a user can > createor give permission to create only certian file > names. > > /etc/vz/conf/*.conf - create - readonly - self-rw > /etc/vz/conf - deny > > This would allow the user to read all *.conf files, > create new *.conf files, and full permissions to > read/write/delete files that the user created but not > files that others created. If listing a directory then > only the *.conf files would appear even if other files > are in the directory. It'd be interesting to find a use case for this, but that's no reason not to provide the functionality. > Marc Perkel > Junk Email Filter dot com > http://www.junkemailfilter.com -- m. tharp - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/