[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

rm -rf .. ?!?!



I have noticed today something quite strange (at least for me) - that a
user who owns a directory can delete from it ANY file, even if he
doesn't have permissions to read or write to the file, and it is owned
by another user.
It is thus possible, for example, for a user to delete a .rhosts file
from his home directory even if root put that file there without r/w
permissions for the user.

I have tested this on both Redhat, Slackware and Solaris and it seems to
work so I surmise this is a feature and not a bug, however it still
seems strange to me.

Anyone care to comment?

Gilad