Assuming that I have this directory structure: /tmp/mysockets/appname/
What are the security drawbacks to doing chmod 777 on /tmp/mysockets/? Could another user delete or mess with the reference to the appname/ directory? What I want to do is allow other users to add their own directories to /tmp/mysockets/ but I don’t want to allow them to rename it or delete files/subdirectories which are already inside it (owned by another user).
Advertisement
Answer
I think you are looking for sticky bit, thats will do what you want. With permissions 777 you grant read/write permissions to everybody therefore the files can be removed/renamed
A sticky bit is a permission bit that is set on a directory that allows only the owner of the file within that directory or the root user to delete or rename the file. No other user has the needed privileges to delete the file created by some other user.
To set a sticky bit use following
chmod o+t /tmp/mysockets/
or e.g.
chmod 1757 /tmp/mysockets/