Re: File permission confusion [Debian 9.1 with MATE]
- Date: Tue, 02 Jan 2018 16:31:15 +0100
- From: "Thomas Schmitt" <scdbackup@xxxxxxx>
- Subject: Re: File permission confusion [Debian 9.1 with MATE]
Richard Owlett wrote:
> You might add "How it will be interpreted by a Windows refugee :/
Keep in mind that the roots of our home are very old
and that the rules made back then are still the base for operation.
New layers have been added on top of them.
> I suspect at least attempting to understand the differing goals of chmod and
> chattr could be valuable.
The concept of ownerships, of their manipulation by chmod, chown, chgrp,
and of an allmighty superuser is part of the original layer.
They accompany the concept of a file object ("inode") and directory entries
("dirent" or "hardlink") which have a name and refer to the nameless file
object. This inode stores ownership, permissions, and file content.
Later came Access Control Lists (ACL, getfacl, setfacl) and ext2 file
attributes (lsattr, chattr).
ACL shall make permissions more finely adjustable than the three stage
relationship model of owner, group members, and unprivileged others.
"chattr +i" shall enforce a read-only setting by keeping even the superuser
from overriding it without prior lifting the ban by "chattr -i".
Other chattr attributes may control or indicate filesystem specific features.
Michael Stone wrote:
> > There is nothing a user can do to *prevent* himself from destroying his
> > own files,
Greg Wooledge wrote:
> Actually, there is. It's called making a backup.
This is a very good point.
Have a nice day :)