Red Hat Bugzilla – Bug 127269
user can delete files owned by root
Last modified: 2007-11-30 17:10:45 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7)
Description of problem:
If I create a file that is owned by root, I can delete it as an
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. touch p
2. chmod 644 p
3. sudo chown root.root p
4. rm p
Actual Results: file "p" is deleted
Expected Results: should not be able to delete
grep \^root /etc/group ~
I am user vinci.
grep \^vinci /etc/group
My dir looks like this:
drwx------ 79 vinci vinci 4096 5. Jul 18:17 /home/vinci/
I have seen this before: not really sure if this is not a feature.
I think you'll find it only works in directories that you own.
[Btw "sudo touch p ; rm p" is a quick way to reproduce this.]
The same thing in bash.
This is not unexpected behavior. User "vinci" owns the directory, and
is allowed to write new contents to that directory. Removing a file is
not an action on the file, it is an action on the directory that
contains that file. User "vinci" will not be able to change the file
itself. If you try doing "cd ; sudo touch p ; echo 'foobar' >> p"
you'll see what I mean. Trying to remove any root-owned files in a
directory owned by root will fail.
You're simply seeing normal behavior; this should be changed to NOTABUG.
According to the POSIX standard, this behavior is acceptable. I'm
closing this as NOTABUG.
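The directory-versus-file distinction explained in the thread, as an added example that is not part of the original bug report: a simplified Python model of the permission checks for writing to a file and for removing its directory entry. The UID/GID 500 for vinci and the sample modes are constructed, the sticky-bit branch goes beyond the case discussed here, and ACLs, capabilities and immutable flags are ignored.

```python
import os
import stat
from collections import namedtuple

# Minimal stand-in for os.stat_result; real os.lstat() results work too.
Meta = namedtuple("Meta", "st_mode st_uid st_gid")

def class_bits(st, uid, gids=()):
    """rwx bits that apply to uid: owner class, else group class, else other."""
    if uid == st.st_uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def may_write(file_st, uid, gids=()):
    """Changing a file's contents is decided by the file's own mode."""
    return uid == 0 or bool(class_bits(file_st, uid, gids) & 2)

def may_unlink(dir_st, file_st, uid, gids=()):
    """Removing an entry is decided by the containing directory."""
    if uid == 0:
        return True
    # Need both write (2) and search (1) permission on the directory.
    if (class_bits(dir_st, uid, gids) & 3) != 3:
        return False
    # Sticky bit: only the file's owner or the directory's owner may remove.
    if dir_st.st_mode & stat.S_ISVTX:
        return uid in (file_st.st_uid, dir_st.st_uid)
    return True

def can_remove(path, uid, gids=()):
    """Apply the model to a real path using lstat metadata."""
    parent = os.path.dirname(os.path.abspath(path))
    return may_unlink(os.lstat(parent), os.lstat(path), uid, gids)

# Constructed metadata mirroring the report (UID/GID 500 for vinci is assumed).
VINCI = 500
HOME = Meta(0o040700, VINCI, VINCI)   # drwx------ vinci vinci
ROOT_DIR = Meta(0o040755, 0, 0)       # drwxr-xr-x root root
STICKY_DIR = Meta(0o041777, 0, 0)     # drwxrwxrwt root root
ROOT_FILE = Meta(0o100644, 0, 0)      # -rw-r--r-- root root

if __name__ == "__main__":
    print("rm p in own home:     ", may_unlink(HOME, ROOT_FILE, VINCI, {VINCI}))
    print("append to p:          ", may_write(ROOT_FILE, VINCI, {VINCI}))
    print("rm p in root-owned dir:", may_unlink(ROOT_DIR, ROOT_FILE, VINCI, {VINCI}))
    print("rm p in sticky dir:   ", may_unlink(STICKY_DIR, ROOT_FILE, VINCI, {VINCI}))
```

`can_remove()` applies the same model to files on disk, which helps when checking whether root-owned files sit in directories that an unprivileged account can modify.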