HPE Community
Operating System - HP-UX
1836365 Members
2032 Online
110100 Solutions
New Discussion

quick permissions question - I hope

 
SOLVED
Go to solution
Adam Noble
Super Advisor

‎01-08-2007 08:53 PM

‎01-08-2007 08:53 PM

quick permissions question - I hope

Hi,

Can somebody clarify something. I have a file which is owned by a specific user with permissions 666 and I want to move it as another user to an alternate directory. The mv works fine however it gives an error saying it can't set the file owner or group as I'm not the owner. It just seems a little strange to me that you can move a file yet you can't change its ownership. Is it simply that I would need execute permission to be able to do this.

Thanks
0 Kudos
Reply
3 REPLIES 3
Peter Godron
Honored Contributor

‎01-08-2007 09:16 PM

‎01-08-2007 09:16 PM

Solution

Re: quick permissions question - I hope

Adam,
you are correct.
With rw permission you can move the file, but not change ownership. You can cp the file and you become the owner of the copy.

Reply
Dennis Handly
Acclaimed Contributor

‎01-10-2007 07:54 PM

‎01-10-2007 07:54 PM

Re: quick permissions question - I hope

Are you moving it to another filesystem? If not, the owner/group will not change.

There may be additional issues if the sticky bits are set?
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎01-10-2007 11:18 PM

‎01-10-2007 11:18 PM

Re: quick permissions question - I hope

This is a common question. There are two permissions settings for every file. The file's permissions only affect the file's contents and not it's existence. A file can have wide open permissions (666) and yet you are not allowed to create a file, remove it, rename or move the file unless you have permission to do so from the directory.

There is a big difference between copy and move. For a cp to succeed, you only need read permission for the source file. But the mv command must have read permission for the source file plus write permission for the parent directory of the source file. Always remember this:

A file's contents are governed by it's permission, but the file's existence (create, remove) are governed by it's directory.

To create, rename, move or remove a file, the directory must allow write privileges. A file with 000 permissions can be removed by anyone if the directory has world write permissions. That's why 777 directories are only useful for temporary or junk files. To control the random removal of files, you can set the t bit (also called the sticky bit) to prevent any user except the owner to remove a file. The chmod command is chmod 1777 /some_dir

Now execute bits on a file are often misused, especially when trying to fix a problem with 'permission denied' error messages. 777 is the worst possible setting for any file since it can be run by accident as a script. You also never want 777 permissions on any file because the contents can be changed by every user on the system.

The same is true for 666. Any user can destroy the contents of a 666 file.


Bill Hassell, sysadmin
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.