Author: Dainis Boumber
Follow the instructions in this gist to create a directory under / for which, depending on the user's permissions, it will be possible to:
- read, copy, write, move, paste, and delete files and folders inside
- run and execute programs and scripts within
yet it will NOT possible to:
- Delete the directory itself
- Move or rename it
- Change it's permissions, then proceed to do anything (can often be done without sudo)
This is very useful for protection from accidental or malicious deletion of a directory containing all work-related projects or anything else important
First, you need to be a root user, so do sudo su. Next, you will essentially copy over
the permissions and access rights of the /tmp directory, because it does what our directory
will be doing. In this example, we are creating a work directory:
root@ubuntu:/# mkdir /work
root@ubuntu:/# chmod --reference=/tmp /work
Now, log out of su and test if it worked:
dainis@ubuntu:/$ mkdir /work/ner
dainis@ubuntu:/$ ls /work
ner
dainis@ubuntu:/$ rm -rf /work
rm: cannot remove `/work': Permission denied
dainis@ubuntu:/$ rm -rf /work/ner
dainis@ubuntu:/$
This it, you are done!