228 | 228 | classic UNIX without fine grained privileges). If the user is equal, the |
229 | 229 | group/other rights are not used even though them permit more than what user |
230 | 230 | rights do. Similarly the others rights are not used if the group is equal. |
231 | | -\emsl{Therefore if a file owned by my user has the rights set to |
232 | | -\texttt{---rwxrwx}, I cannot read/write/execute it until I change the rights.} |
| 231 | +\emsl{Therefore if a file owned by a user has the rights set to |
| 232 | +\texttt{---rwxrwx}, the user cannot read/write/execute it until he/she changes |
| 233 | +the rights.} |
233 | 234 | \item More and more systems diverge from the classic model where many processes |
234 | 235 | were running under a user with UID 0. A security vulnerability in such an |
235 | 236 | application meant total control of the system. To thwart this, these systems |
236 | 237 | employ models like \emph{least privilege} in Solaris or \emph{privilege |
237 | 238 | separation} and \emph{pledge} in OpenBSD. |
238 | 239 | \item \label{FILEDELETE} In order to delete a file, the user has to have a right |
239 | | -to write to the \emsl{directory} containing the file, because this is the |
240 | | -``file'', that is being changed. \emsl{The rights of the file to be deleted are |
| 240 | +to write to the \emsl{directory} containing the file, because that is actually |
| 241 | +the ``file'' being changed. \emsl{The rights of the file to be deleted are |
241 | 242 | not relevant}; the shell might give you a warning that you are about to delete a |
242 | | -file for which you do not have the right to write, however this is just |
243 | | -informative. It is logical -- if you set a file as read-only, the shell will |
244 | | -deduce that you do not normally want to delete such file. See the example below. |
| 243 | +file for which you do not have the right to write, however that is just a |
| 244 | +warning, the operation will proceed. It is quite logical -- if you set a file |
| 245 | +as read-only the shell will deduce that you probably do not want to delete such |
| 246 | +a file. See the example below. |
245 | 247 | \emsl{Unix systems do not have delete-like operation for a fike}, the file is |
246 | 248 | deleted automatically once it is no longer referenced from directory structure |
247 | 249 | and the file is not open by any process. |
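Review bot: In the added lines 243-246, "that is just a warning, the operation will proceed" is a comma splice and overstates the behaviour. The prompt comes from rm rather than the shell, and when the file is not writable and stdin is a terminal rm waits for an answer, so the file is removed only if the user confirms or -f was given. Suggest something like "however that is only a confirmation prompt from rm; once confirmed, the removal succeeds because only the directory's write permission matters." The same sentence also lost the comma after "read-only". Since this commit is already polishing wording in this item, the unchanged context lines are worth fixing in the same pass: "for a fike" on new line 247 should be "for a file", and "even though them permit" on line 229 should be "even though they permit".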