On Wed, 2010-03-10 at 10:07 +1100, Craig Dibble wrote:
> Does anyone have any thoughts on removing the sticky bit on the  
> /var/tmp directory and setting it to 777?

Don't do it.

> through that folder, in the order of more than 100GB. We have cleanup  
> scripts which need to be able to remove files and folders to reclaim  
> space every time a job finishes but the files are created by the user  
> who launched the job, and the control process, and hence the cleanup,  
> runs as a different user.

The sticky bit means a user can delete files in the directory if that
user owns the file they are deleting PLUS the owner of the directory can
delete files.


I would suggest using a rwxrwxrwt spool directory
in /var/spool/something owned by the uid that processes the data.
Any user can spool data for processing, but only the app (and the user
who spooled the data) can remove the data files.




-- 
Peter Miller <pmil...@opensource.org.au>
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
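
Added example (not part of Peter Miller's message): a small Python model of the deletion rule described above, comparing /var/tmp as shipped, /var/tmp at 777, and the suggested rwxrwxrwt spool directory owned by the processing uid. The uids and layout names are constructed, uid 0 stands in for the kernel's capability checks, and ACLs are not modelled.

```python
import stat
from dataclasses import dataclass

ROOT, APP, ALICE, BOB = 0, 500, 1001, 1002   # constructed uids; APP runs the cleanup

@dataclass(frozen=True)
class Directory:
    mode: int          # permission bits including sticky, e.g. 0o1777
    uid: int           # owner of the directory
    gid: int = 0

def can_write_dir(d, uid, gids=()):
    """Caller has write+search on the directory (classic mode bits only)."""
    if uid == ROOT:                      # simplification of the capability checks
        return True
    if uid == d.uid:
        bits = d.mode >> 6               # owner triplet
    elif d.gid in gids:
        bits = d.mode >> 3               # group triplet
    else:
        bits = d.mode                    # other triplet
    return (bits & 0o3) == 0o3           # both w and x are required

def can_delete(d, file_uid, uid, gids=()):
    """May `uid` unlink an entry owned by `file_uid` directly inside `d`?"""
    if not can_write_dir(d, uid, gids):
        return False
    if not d.mode & stat.S_ISVTX:
        return True                      # no sticky bit: any writer removes any file
    return uid in (ROOT, file_uid, d.uid)

def compare():
    """Alice creates a job file; who can remove it under each layout?"""
    layouts = {
        "/var/tmp 1777 root": Directory(0o1777, ROOT),
        "/var/tmp 0777 root": Directory(0o0777, ROOT),
        "spool 1777 app": Directory(0o1777, APP),
    }
    return {name: {"cleanup": can_delete(d, ALICE, APP),
                   "other_user": can_delete(d, ALICE, BOB),
                   "creator": can_delete(d, ALICE, ALICE)}
            for name, d in layouts.items()}

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name:20} {result}")
```

The rule covers entries directly inside the directory; the contents of a user-created subdirectory are governed by that subdirectory's own mode and owner.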