On Mon, Feb 09, 2009 at 01:46:39AM +0100, Jesus Sanchez wrote:
> This question is a little complicated to ask. It's more a curiosity
> than a technical situation.  First I will try to describe the situation.
> Let's say I'm the root of a system, and one of my users (user foo) has
> his home dir with rwx privileges ( /home/foo/ has permissions 700 ) and
> I want to create a "black box" dir inside his home, so I cd to
> /home/foo and do:
> 
> # mkdir blackdir
> # chmod 000 blackdir
> 
> At this point (as far as I know) the foo user isn't able to see the content of
> blackdir, but if the dir is empty he can delete it (rm -df blackdir)
> because he has rwx on /home/foo.
> 
> Somehow, user foo can have information about the contents of
> blackdir: if it's empty he can 'rm -d' it, so he will know whether the dir
> had any file or not. In my way of thinking, that's "information" about the
> dir.
> 
> What is the design reason for this behaviour? I mean, wouldn't it be more
> logical that if a dir has 000 permissions, the foo user
> shouldn't be able to get any kind of information about the dir? Even
> something so trivial as whether the dir was empty or not.

The user is allowed to remove the directory, but only if it is empty. rm
-d expects an empty directory argument and executes the remove
operation, which the kernel will not grant if there are files in it. It's
not a design decision, but a logical conclusion of the design.

-- 
Ariane
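
The behaviour discussed in this thread, reproduced as an added example that is not part of either message: the outcome of rmdir on a mode-000 directory depends on the parent directory's write permission and on whether the target is empty, not on the target's own mode bits. The function names, the directory names and the temporary directory standing in for /home/foo are constructed for this demo.

```shell
#!/bin/sh
# Constructed demo: every path lives under a fresh temporary directory that
# stands in for /home/foo; nothing outside it is touched.

# probe_dir DIR: attempt the same removal 'rm -d' performs and classify it.
# Prints "empty" (removed), "not-empty" (ENOTEMPTY) or "denied" (anything else).
probe_dir() {
    if err=$(LC_ALL=C rmdir "$1" 2>&1); then
        echo empty
        return 0
    fi
    case $err in
        *"not empty"*|*"File exists"*) echo not-empty ;;  # some systems report EEXIST
        *) echo denied ;;
    esac
}

# make_home: create the stand-in home with two mode-000 directories,
# one empty and one holding a file, and print its path.
make_home() {
    home=$(mktemp -d) || return 1
    mkdir "$home/blackdir_empty" "$home/blackdir_full" || return 1
    : > "$home/blackdir_full/secret"
    chmod 000 "$home/blackdir_empty" "$home/blackdir_full"
    echo "$home"
}

# cleanup HOME: restore permissions so the tree can be deleted.
cleanup() {
    chmod -R u+rwx "$1" 2>/dev/null
    rm -rf "$1"
}

demo=$(make_home) || exit 1
echo "mode-000 empty dir:     $(probe_dir "$demo/blackdir_empty")"
echo "mode-000 non-empty dir: $(probe_dir "$demo/blackdir_full")"
# With the parent's write bit removed, a non-root user is refused even for an
# empty directory (root bypasses permission checks, so it still succeeds).
mkdir "$demo/blackdir_again"
chmod 000 "$demo/blackdir_again"
chmod u-w "$demo"
echo "parent not writable:    $(probe_dir "$demo/blackdir_again")"
cleanup "$demo"
```
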
