How to lock a file against deletion but still make it writeable?

linux windows filesystems
23,604

Solution 1

For Windows:

  1. Deny "Delete" permission on the file.
  2. Remove or deny "Delete child items" permission on the parent directory.

For Unix (including OS X):

  1. Remove "Write" permission on the parent directory.

Note that this will only prevent the file from being removed (deleted), but won't do anything against accidental truncation or overwriting with garbage. If a file is writable, you can write anything to it, period.

Also, file permissions are next to impossible to translate between operating systems. If the NAS runs Linux, and you try to set permissions from within Windows, the end result may be different from what you expect.

Solution 2

In Linux you could create a hard link to it. Then you can write to it and "delete" it, but you'll be only removing the reference in your directory. The other hard-link will still point to the file's contents, so it won't have been deleted anyway.

In Unix world, you don't "delete" files. You just decrease the number of hard links to it. When nothing else is pointing to it, the space is considered free and can be used…

Solution 3

Backups. You can't really protect a writeable file from damage even if you can from deletion. Back it up daily.

Share:
23,604
therobyouknow
Author by

therobyouknow

I enjoy making software and applying technology to help myself and friends and family achieve things as well as earning a living doing it. github.com/therobyouknow linkedin.com/in/therobyouknow twitter.com/therobyouknow

Updated on September 18, 2022

Comments

  • therobyouknow
    therobyouknow over 1 year

    I want to make a file locked against deletion but still be writeable. How do I do this?

    The file in question is a Truecrypt volume as a file on a NAS SMB Network share, so I don't want to accidentally delete it.

    • soandos
      soandos over 12 years
      Its not possible. Writing zeros amounts to deleting it.
    • therobyouknow
      therobyouknow about 6 years
      @soandos - I don't agree I'm afraid. Because writing zeros to it still means that the file exists, but is full of zeros. Indeed there are Linux commands to create a 'sparse' file full of zeros.
  • RBerteig
    RBerteig over 12 years
    +1. Do this no matter what other belts and suspenders are applied.
  • Richard
    Richard over 12 years
    You don't actually need to Deny delete, just remove Delete from existing access control entries (ACEs). (Deny ACEs make things more complex, usually not a good course in the longer term.)
  • CarlF
    CarlF over 12 years
    Good idea. Don't know if @Rob can create hardlinks on his NAS, but if he can that's a very clever solution.
  • therobyouknow
    therobyouknow over 12 years
    +1 I'll could that in combo with the accepted answer if possible. or seperately if not. +1 for thinking outside the box as said. However the linux share in question is a NAS drive, not sure what console facilities are available, its an embedded or semi-embedded form of linux. +1 still though as it might help other folks who have a regular linux desktop or computer acting as a share.
  • therobyouknow
    therobyouknow over 12 years
    +1 CarlF and +1 RBerteig. Totally agree. The files are all backed up onto optical media as well (DVD-R,+R,+R DL and blu-ray 25gb and dl 50gb). I may also consider a second hard drive.
  • Rotsor
    Rotsor over 12 years
    The same technique should work with NTFS.
  • user1686
    user1686 over 12 years
    @Richard: AFAIK, removing requires completely disabling ACL inheritance for that file, which makes it even more complex in the end.
  • surfasb
    surfasb over 12 years
    I agree with Grawity. Deny Delete permission is the way to go. If the share permission is set to modify, then the deny will still block the deletion, while leaving it blank will allow deletions.
  • therobyouknow
    therobyouknow over 12 years
    I should add, I have backups of the files within the truecrypt volume which is the container file. Not the truecrypt volume itself.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Vfat file system on usb-drive for Windows and Linux compatibility
File system format for both windows and linux use (besides fat32)
Offline Files in Mac or Linux
Is exFAT now the best choice for an external hard drive that will be used for Windows, Mac, and Linux?
Change UDF volume label
How do I read the Ext4 partition of my SD card on Windows?
What filesystem to use when using both Windows and Linux?
Is a file system just the layout of folders?
Sharing filesystem between Linux and Windows servers
How to cause file system corruption for test purposes?