it is in this file: https://github.com/nathanctung/UCLA-CS-136/blob/1a883e2a6d1014fb5b162b332c867f6b4ef1e461/Assignment%203/submit2-1415097320/part2/patch2.sh
#!/bin/bash
sudo mkdir /home/memo-users # create memo-users directory in /home
sudo groupadd memo-users # create memo-users group and give them ownership
sudo chgrp -R memo-users /home/memo-users
sudo chmod 755 /home/memo-users
# at this point, users can be added to memo-users group
# all users dealing with memos should be added
sudo mkdir /home/memo-users/memo # add the actual dir for storing memos
sudo chmod 775 /home/memo-users/memo
sudo chmod +t /home/memo-users/memo # sticky bit keeps files from arbitrary deletion
sudo cp fixed.patch /usr/lib/cgi-bin/ # copy the patch over to memo.cgi's dir
cd /usr/lib/cgi-bin
sudo chmod -s memo.cgi # remove root-SUID from memo.cgi altogether
patch < fixed.patch # apply the patch! this may need sudo su - access
This script can prevent different users from changing others' memos. But I don't really know in detail what he has done. I can't understand why he set 755 on /home/memo-users but set 775 on /home/memo-users/memo. Could you tell me the purpose and the result of this script?
[7 for owner][7 for same group][5 for everyone]
R - read
W - write
X - execute
5 = R(yes)-W(no)-X(yes)
you can visit this directory only if you have R and X permission
7 = R(yes)-W(yes)-X(yes)
you can write sth. inside this directory
Now, you are in the same group as memo-users. You have R&X, so you can enter /home/memo-users but are unable to modify anything in this folder, and you have RWX in /home/memo-users/memo, so you can write sth. in this directory.
Having R+X permission in /home/memo-users is the prerequisite to access /home/memo-users/memo, but that you can edit in /home/memo-users/memo comes from this directory itself.
This logic is smooth as far as I'm concerned. You have no permission to write anything in /home, but you can write sth. in /home/you-name right
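
The modes discussed in this thread can be checked without root. The following is an added example, not part of the original posts or of patch2.sh: it replays the script's mkdir/chmod calls in a scratch directory and decodes which permission class may write to each directory and whether the sticky bit is set. It assumes GNU stat; the helper names are hypothetical.

```shell
#!/bin/bash
# Added example: rebuild patch2.sh's directory layout in a scratch directory
# (no sudo, no groupadd) and decode what each mode allows.

# Same mkdir/chmod sequence as the script, rooted at $1 instead of /home.
build_layout() {
    mkdir -p "$1/memo-users/memo"
    chmod 755 "$1/memo-users"
    chmod 775 "$1/memo-users/memo"
    chmod +t "$1/memo-users/memo"
}

# Octal mode as GNU stat prints it, e.g. 755 or 1775.
mode_of() { stat -c '%a' "$1"; }

# Succeeds if class $2 (owner|group|other) has the write bit on directory $1,
# i.e. may create, rename or delete entries in it.
class_can_write() {
    case $2 in
        owner) bit=0200 ;;
        group) bit=0020 ;;
        other) bit=0002 ;;
        *) return 2 ;;
    esac
    m=$(mode_of "$1")
    [ $(( 0$m & $bit )) -ne 0 ]
}

# Succeeds if the sticky bit is set: only a file's owner, the directory's
# owner or root may then delete or rename that file.
is_sticky() { m=$(mode_of "$1"); [ $(( 0$m & 01000 )) -ne 0 ]; }

# One-line summary of a directory: mode, write bit per class, sticky bit.
summary() {
    out=$(mode_of "$1")
    for class in owner group other; do
        if class_can_write "$1" "$class"; then out="$out $class=w"; else out="$out $class=-"; fi
    done
    if is_sticky "$1"; then out="$out sticky=yes"; else out="$out sticky=no"; fi
    echo "$out"
}

scratch=$(mktemp -d)                  # constructed sandbox, not /home
build_layout "$scratch"
summary "$scratch/memo-users"         # 755 owner=w group=- other=- sticky=no
summary "$scratch/memo-users/memo"    # 1775 owner=w group=w other=- sticky=yes
stat -c '%U:%G %n' "$scratch/memo-users/memo"   # owning user and group
rm -rf "$scratch"
```

On the real host, run the same `stat -c '%U:%G'` check on /home/memo-users/memo. patch2.sh runs `chgrp -R` before it creates memo, so the earlier chgrp cannot cover that directory and its group is whatever the `sudo mkdir` call assigned.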