bug-coreutils

Re: rm command possible issue


From: Bob Proulx
Subject: Re: rm command possible issue
Date: Sun, 14 May 2006 09:47:38 -0600
User-agent: Mutt/1.5.9i

Eddie wrote:
> I was able to remove a file whose owner and group was root and 
> the permissions on the file were 0400 from within my home directory.

You own the directory and have permission to create, delete and rename
files within it.  You own the directory.  Permissions of the file for
this operation are not significant.

> This may not be a bug, but certainly doesn't make sense to me. I've 
> always thought and understood that if the file is owned by root and the 
> permissions are 0400 then the file should not be able to be deleted 
> regardless of where it is located and/or who the user is unless the user 
> is root.

That is incorrect.  The ability to create, delete, and rename files
depends upon the directory the file is contained in and not the file
itself.  You surmised this yourself later in your message and you are
correct in that assessment.  Consider this (assuming both on the same
filesystem):

  ln /etc/passwd $HOME

Under the operating model you suggest you would be able to do the
above operation fine but you would never be able to delete the file!
You as a normal user would need to beg assistance from root to clean
up the problem that was created.  That would be untenable in a
multi-user environment such as a university or business.

The only way to avoid that would be for the system to make creating a
file in a directory dependent upon the owner of the file.  You would
not be able to have files owned by other users in a directory owned by
a different user.  Which would break other things so that won't work.

> I tried creating a directory with root as user and group then tried to 
> remove it but I wasn't allowed to (which is what's supposed to happen). 
> So, I've come to the conclusion that it's using the permissions of the 
> parent directory to determine if the user can delete the file or not. 

This is correct.  And the system operating and security model really
does work fine this way.  :-)

Bob
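
The rule discussed in the message above, as an added example that is not part of the original post: the script creates constructed scratch files with different file and directory modes and reports which ones `rm -f` can unlink. The function names `try_unlink` and `unlink_matrix` are hypothetical, and the results assume a non-root user, since root bypasses these permission checks.

```shell
#!/bin/sh
# Added example. All files are constructed in a scratch directory.

# try_unlink FILE_MODE DIR_MODE
# Creates a file with FILE_MODE inside a directory with DIR_MODE, attempts
# rm -f, and prints "removed" or "kept" depending on whether the name survived.
try_unlink() {
    tu_dir=$(mktemp -d) || return 1
    echo data > "$tu_dir/f"
    chmod "$1" "$tu_dir/f"          # mode of the file itself
    chmod "$2" "$tu_dir"            # mode of the containing directory
    rm -f "$tu_dir/f" 2>/dev/null || true
    chmod 700 "$tu_dir"             # restore access to inspect and clean up
    if [ -e "$tu_dir/f" ]; then tu_result=kept; else tu_result=removed; fi
    rm -rf "$tu_dir"
    echo "$tu_result"
}

# unlink_matrix: run four file-mode/directory-mode combinations.
# For a non-root user only the directory mode decides the outcome.
unlink_matrix() {
    for tu_case in "400 700" "666 700" "400 500" "666 500"; do
        set -- $tu_case
        printf 'file=%s dir=%s -> %s\n' "$1" "$2" "$(try_unlink "$1" "$2")"
    done
}

unlink_matrix
```

On a directory with the sticky bit set (such as /tmp), write permission on the directory is not enough: the caller must also own the file or the directory to unlink the entry.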



