Marcelo Magno T. Sales wrote:
Em Quarta 27 Dezembro 2006 04:25, Cameron Simpson escreveu:
On 26Dec2006 13:46, Marcelo Magno T. Sales <marcelo.sales@xxxxxxxxxxxxxxx>
wrote:
| Em Ter?a 26 Dezembro 2006 12:54, Marcelo Magno T. Sales escreveu:
[...]
| > user02, as expected, is not able to read nor modify the contents of
| > this file, as he does not have read nor write permissions on it.
| > However, he can delete the file, because he has write permissions on
| > /test, once he's member of the group users.
| > However, if user02 opens file.txt in VIM, edit it and then save it with
| >
| > :w!, the file is modified, saved, and its ownership is altered to
| >
| > user02:users. How can this happen?? How can VIM alter the ownership and
| > write to this file, if user02 is not it's owner and have no permissions
| > on it? user02 can't do that using chown, chmod nor chgrp, but using VIM
| > he can?!
|
| Never mind. VIM must be removing the existing file and creating another
| one with the same name, which it has permission to do. It does not
| effectively change the existing file, it just replaces it.
Yep. Does this annoy you as much as it does me?
Yes, it does :)
While I'd expect an editor to normally write back to the original
file to maintain symlinks, ownership and modes in the case where
the file is writable, this sounds exactly right and what the
user would do manually himself in case write access is denied
and the user has issued the :w! directive. Without the '!' it
should give a 'file is read-only' error.
Set the sticky bit on the directory if you don't want people
who don't have write permission on the file to be able to delete
it. Then they will be forced to save under a different name.
--
Les Mikesell
lesmikesell@xxxxxxxxx