The Wanderer <wande...@fastmail.fm> writes: > On 06/05/2014 11:37 PM, Bob Proulx wrote: > >> jimmy wrote: > >>> // --- remove (delete) a file owned by root, should not be >>> allowed, but is allowed. Here, it says the file is 'read-only' >>> so it warns about it, but of course "rm -f " would work, too: >> >> Why do you think it should not be allowed? It is allowed. >> >> If you don't want a user to modify the directory then change the >> permissions of the directory. > > In this case, however, the user isn't just modifying the directory; the > user is modifying a file in the directory, by deleting that file. > >>> $ rm -v /tmp/testing/newjunk1.txt >>> rm: remove write-protected regular file ‘/tmp/testing/newjunk1.txt’? y >>> removed ‘/tmp/testing/newjunk1.txt’ >> >> Sure. Because tst1 owns /tmp/testing. > > I'm confused as to why that's enough. > > Yes, moving a file affects only data stored in the directory node which > contains the file (and the directory node where the file is being moved > to, which may be the same one). > > But deleting a file does not affect only data stored in the directory > node which contains the file; it affects data stored in the file itself. > (Assuming that there is only one hardlink to the file and the file is > not presently open in any currently running process, which is often a > reasonable assumption - and even when it is not, I don't think the > permissions behavior of 'rm' should be different depending on the number > of hardlinks to the file.) > > As such, it seems as if deleting a file *should* require write > permission to that file. >
I makes perfect sense to me. rm doesn't actually delete files. It unlinks a directory entry. If this was the last link to the inode that constitutes the file (no links in other directories an no open file handles), the inode is deleted as a side effect. Removing a directory entries no relation whatsoever to the permissions of the file. > Is there something I'm missing here? > > -- > The Wanderer > > Secrecy is the beginning of tyranny. > > A government exists to serve its citizens, not to control them. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/8761ke2j1q....@orac.fil