[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rm -rf .. ?!?!



> I have noticed today something quite strange (at least for me) - that a
> user who owns a directory can delete from it ANY file, even if he
> doesn't have permissions to read or write to the file, and it is owned
> by another user.
> It is thus possible, for example, for a user to delete a .rhosts file
> from his home directory even if root put that file there without r/w
> permissions for the user.

If I'm not mistaken, the files to directory are as content of the file to
the file, so if your file is writable, it can be deleted, if you directory
is writable it's content (read files) can be deleted as well!


______________________________________________________________________
Stas Bekman     mailto:sbekman@iil.intel.com [just another webmaster]
Home Page:      http://www.eprotect.com/stas
A must visit: 	http://www.eprotect.com/stas/TULARC (Java,CGI,PC,Linux)
Linux-il Home:  http://www.linux.org.il/		    
    
Linux receives a 'Product of the Year Award' for Best Technical Support
http://www.infoworld.com/cgi-bin/displayTC.pl?97poy.supp.htm