I can delete my files in someone else's drop box

Discussion in 'Unix & X11' started by aicul, May 27, 2005.

  1. aicul

    aicul Registered

    Drop boxes are folders in which users have write-only access and the owner of the drop box has read+write.

    Some time ago I wrote in this forum how it was possible to modify the contents of a file that you had placed in someone else's drop box.

    I have now found how to delete a file you have placed in someone else's drop box. It's simple, copy the file to the drop box. The file is now in the drop box you have chosen. To remove the file from this drop box, just use Finder>edit>undo.

    I accept this is more an intellectual exercise :eek: , but it does mean that drop boxes are NOT really Write-Only.
     
  2. lurk

    lurk Mitä?

    What did you read? You still only wrote, you just happened to overwrite what was there. What you want is "write once".
     
  3. aicul

    aicul Registered

    No, I deleted. As I said, intellectual. You can make a point that deletion is an extension of writing. Point taken.

    My point is based on Apple's definition of "drop box", summarized in the following statement from finder>help>drop box.
    First I point out that if you "give" something to someone, you cannot take it back. Deletion is taking it back.

    When you drag a file to a drop box, there is a finder message that states that you do not have access permissions to the contents of the drop box folder. In my eyes, to be able to delete a file, you must have Read access to the folder to know what is inside.
     
  4. g/re/p

    g/re/p I can haz cigar?

    One of the things discussed in the original thread was that
    you can delete files you put in someone else's drop box.
    This is somehow now a revelation? :D
     
  5. lurk

    lurk Mitä?

    Well if you want to play that game, copying data is not a "giving" of a "thing". You never "gave" you "wrote" - you never "took back" you "rewrote".

    It is not me being intellectual just for fun; the problem is that the computer file physical page metaphor only goes so far and this is one place in which it breaks down.
     
  6. HateEternal

    HateEternal Mac Metal Head

    I would assume that unix permissions are used in the drop box, any files that are written are written with rwx for user and r only for others, thus it makes sense that you can delete files you wrote.

    I could check, but that would mean I am not lazy.
     
  7. ElDiabloConCaca

    ElDiabloConCaca U.S.D.A. Prime

    If I'm not mistaken, if you have write access, then you can also delete -- that's what write access is.

    If you copy a file normally, then try to delete it normally (not using the "undo" command), can you still delete the file?
     
  8. spb

    spb Registered

    The Drop Box folder has permission (drwx-wx-wx) so anyone can write to it and execute from it, but only the owner has permission to read what exists in the folder.

    If I copy from something that I own to another user's Drop Box the permissions of the file are the same as they were when I had it in my account and I am still the owner.

    This means that you can overwrite the files you drop into someone's drop box unless you change the permissions to r-x before you drop it.

    Also, if you have a file with permissions (rwx------) that you copy to someone else's Drop Box then the other user can't read this file, unless they use sudo to chown or chmod the file.
     
  9. scruffy

    scruffy Notorious Olive Counter

    In fact, if A puts a file in B's drop box, and C guesses the file name, C can delete it. Using the terminal, C can do

    rm ~B/Public/Drop\ Box/file.txt

    This is because the permissions lack the sticky bit, which says that users can only delete or overwrite files that they put there.

    To set the sticky bit on your own drop box:

    chmod +t ~/Public/Drop\ Box
     
  10. aicul

    aicul Registered

    Lots of good sense. Like the sticky bit, have to read further into that.

    Here is an amusing post I found while searching Apple's knowledge base.

    I think, the example given is not so great.
    ::ha::
     
  11. scruffy

    scruffy Notorious Olive Counter

    If Apple had by default set the sticky bit (there's a man page for "sticky") then it would be a good example. Does anyone who has Tiger know if they've done this? I'm still on 10.3.9.
     
  12. aicul

    aicul Registered

    I don't think they did.
     
  13. lurk

    lurk Mitä?

    The problem with setting the sticky bit is that the owner of the drop box might not be able to move or delete the file. I could be missing something but I think that the permissions Apple have chosen are the only ones that will work.

    aicul, why is the assignment drop box such a stupid example? What failure mode do you see as the most troubling and what are the alternatives?
     
  14. scruffy

    scruffy Notorious Olive Counter

    Actually, I don't think that should be a problem:

    A file in a sticky directory may only be removed or renamed by a user if the user has write permission for the directory and the user is the owner of the file, the owner of the directory, or the super-user.

    So - a file can be deleted by the owner of the directory, or the owner of the file, or root, but not by someone else.
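
Added example, not part of any post in this thread: a POSIX shell check of a drop box directory's mode for the conditions discussed above (writable by others, not listable by others, sticky bit set), plus the `chmod +t` fix. The function names `has_perm`, `audit_dropbox` and `harden_dropbox` are hypothetical.

```shell
#!/bin/sh
# Added example: classify a drop box directory by its mode bits.

# has_perm DIR MODE: true if DIR has every bit of octal MODE set.
# Uses POSIX "find -perm -MODE"; -prune stops find from descending.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" 2>/dev/null)" ]
}

# audit_dropbox DIR: prints exactly one verdict word.
audit_dropbox() {
    if [ ! -d "$1" ]; then
        echo "not-a-directory"
    elif ! has_perm "$1" 0002; then
        # Others cannot create or remove entries: not a drop box at all.
        echo "not-world-writable"
    elif has_perm "$1" 0004; then
        # Others can list file names, so nothing has to be guessed.
        echo "world-readable"
    elif ! has_perm "$1" 1000; then
        # drwx-wx-wx without t: any user who knows a name can rm it.
        echo "no-sticky"
    else
        # drwx-wx-wt: removal limited to file owner, directory owner, root.
        echo "ok"
    fi
}

# harden_dropbox DIR: drop read for others, add the sticky bit, re-audit.
harden_dropbox() {
    chmod o-r "$1" && chmod +t "$1" && audit_dropbox "$1"
}

# Stand-alone use: sh thisfile.sh ~/Public/Drop\ Box
if [ $# -gt 0 ]; then
    audit_dropbox "$1"
fi
```

The sticky bit does not stop the depositor from overwriting or removing their own file, since they remain its owner.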
     
  15. aicul

    aicul Registered

    Well, if I remember the silliness I was up to in high school/college, I would certainly use the ability to remove files to delete my roommate's assignment as a joke (and his revenge would be fun too...). Then there are options to use this very mechanism to alter your own homework after the due date - this being less ethical of course.

    I stand by my belief, a drop box is like a post service letterbox, once the letter is in the box, there is no altering, deleting of the letter, and the destination reader can read it without further ado.
     
  16. scruffy

    scruffy Notorious Olive Counter

    If you want features like that, email is probably the way to go. The drop box is really just a folder on a file system - there's only so much you can do with that.
     
