Hello, At the risk of spouting off before getting more information (this is something I think I can actually contribute to, after all), what you're probably looking for is the sticky bit in the directory permissions.
What it boils down to is this: you set the sticky bit for the directory and only the owner of the file can delete it. The other users still have the ability to read/write/execute according to permissions on the file, they can even create files in the directory (if permissions allow) and then only they can delete them (other than root, of course). Obviously this doesn't prevent someone with write access from replacing the contents of a file with garbage. And there might be situations where this is not fool-proof... for example: "On most BSD UNIXes, files are owned by the group that owns the directory in which you create the file." Does that mean that anyone who is a member of the group who owns the directory may delete another users file in that directory? I don't know. Maybe setting the directory to a group that has no members and that has world rwx permissions would solve that. I haven't used the sticky bit much myself, other than dabbling with it to grant access to, but prevent accidental deletion of, digital photos. Oh, you set the sticky bit thus: chmod 4775 directoryname or I think this works, too: chmod u+t directoryname Good luck, Jennifer On Mon, 22 Sep 2003, Nicholas Thornton wrote: > So I've been put in charge of setting up and > maintaining our department's new dispatch/switchboard > computer. In trying to keep it clean and in order, I > was hoping, if possible, to be able to give users > read/write access to information in files themselves, > but to block them from renaming the files or moving > them. > > I tried giving r-x access to a folder and rwx access > to the file inside. This lets them open the file and > prohibits them from moving/renaming it, but prohibits > them from saving any changes (because they can't write > to the folder). > > Is this an impossible feat I'm hoping for? If not, > then how could I go about it? > > ~wren
