[X-Newbies] Re: file locks-can't save files

Chris Morland cmorland at cra.lacity.org
Fri May 27 16:00:06 PDT 2005 

Tried all suggestions with no results, but many thanks for all your  
help all the same.  Solution: time for that custom G5.

On May 26, 2005, at 8:31 PM, Alex wrote:

>
> On May 26, 2005, at 18:12, Charles Martin wrote:
>
>> [...] your permissions are PROFOUNDLY screwed up [...]
>>
>> The easiest solution to this problem that I have found:
>> 1. Download BatCHmod (available from versiontracker, macupdate, et al)
>> 2. Run the program.
>
> I seriously doubt Charles' diagnosis is correct.
>
> If, as I believe, the problem is the immutable flag, then BatChmod  
> cannot help. It does not handle it.
>
> There are two immutable flags, user and system. The former can be  
> changed with chflags, but, if the system immutable flag is set, then  
> even root can't change it in multi-user mode.
>
> I strongly advise reading the relevant Apple KB doc
>
> <http://docs.info.apple.com/article.html?artnum=106237>
>
> and, for slightly more detail
>
> <http://www.osxfaq.com/Tutorials/LearningCenter/AdvancedUnix/ugp2/ 
> page2.ws>
>
>> 4. Set permissions as you want them, which should be as follows:
>> [...]
>> Under owner, all three boxes (r,w,x) should be checked.
>> Under Group, just the r and x boxes should be checked.
>> Under Everyone, just the r and x boxes should be checked.
>>
>> Check the "Apple ownership and privileges" to "Enclosed files and  
>> folders." Leave the "unlock" box unchecked.
>> 5. Hit Apply.
>
> Assuming Charles' diagnosis is right, this is _not_ good advice.  
> Consider what this action would accomplish. Hit Apply -- and you've  
> given _every_ user permission to search each and every one of your  
> folders, read each and every one of your documents, and launch any  
> scripts you might have. (The only thing they can't do is change or  
> trash your files.) This is a serious breach of security.
>
> User permissions were actually designed in a more subtle manner;  
> applying a batch change at the top level of your home directory is not  
> going to restore them to the correct values. Consider, for instance,  
> the Documents, Public, and Drop Box folders. You do not want to grant  
> any kind of access to either the group or the world to the former. You  
> do want to allow everyone to access but not modify the second, and  
> modify but not see the contents of the latter, otherwise they lose  
> their raison d'etre.
>
> Whenever you propose to use a tool like BatChmod -- which ideally  
> should come with a tutorial on permissions, but unfortunately doesn't  
> -- think first long and hard about what the result will actually be.
>
> And, btw, if you want to see what permissions should be on your home  
> folder, check permissions on the appropriate item in  
> /System/Library/User\ Template/
>
> <0x0192>
>
> _______________________________________________
> X-Newbies mailing list
> X-Newbies at listserver.themacintoshguy.com
> http://listserver.themacintoshguy.com/mailman/listinfo/x-newbies
>
> Listmom is trying to clean out his closets! Vintage Mac and random  
> stuff:
>         http://search.ebay.com/_W0QQsassZmacguy1984

More information about the X-Newbies mailing list