If I have a regular, ACL-capable filesystem on Linux (say, ext4 or xfs) is there a way for me to establish the following:
1) There is a directory, say, /home/joe . It is owned by user joe . No one but joe (and root, of course) can read or write anything in this directory.
2) No one can change permissions on that directory, not even joe. In other words, in joe all of a sudden joe decided to open his directory up to the world (or the group he is a member of) by doing something akin to:
chmod 777 /home/joe
he would not succeed.
Thanks in advance for any help.