On Tue, 18 Mar 1997 10:12:03 EST Matthew Tebbens ([EMAIL PROTECTED] ishkill.ibm.com) wrote:
> I'm not sure if this is normal, but it seems that any file owned by > someone else and in one of my directories can be deleted by me even > if I don't have the proper permissions to do so. I also can rename the > file, but I can't alter the file. This holds true even if the file > is owned by root. Congratulations, you've found a big *nix security flaw ! > Is this normal ? Yes. > If so, what things can I do to someone elses file thats in one of my > directories , just delete or rename the file ? > As root, what if I want to keep a file in someones directory without them > deleteing it ? As I see it now, that can't be done ?!?!? Permissions for removal/addition of files in a directory are controlled by the directory permissions, not the file permissions. Makes sense when said like this. _Except_ for directories with the sticky bit set where only the owner of a file can remove it (eg. /tmp). Phil.
