[...]
> Just my 2 cents, but if your environment is that hostile, you don't eve=
> n need to lock your directories. A simple solution is to modify (or wrap)
> rm in such a way that it truncates the files to size 0 before unlinking
> them. No leak of quota space, no security concern, no need to lock one's
> directory, no need for set[gu]id script, no need for new groups...
That way they can still hit your inode quota, plus you can't keep hard
links yourself: Any rm(1) would clobber the file for good. But in any case,
if your environment is *this* hostile, you better take really extraordinary
measures. And there I'm afraid the rather weak traditional Unix security
model is way out of question anyway. I'd start thinking of relocating,
myself.
-- Horst von Brand vonbrand@sleipnir.valparaiso.cl Casilla 9G, Viņa del Mar, Chile +56 32 672616- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/