Re: File permission confusion [Debian 9.1 with MATE]
- Date: Mon, 1 Jan 2018 20:35:03 +0900
- From: Mark Fletcher <mark27q1@xxxxxxxxx>
- Subject: Re: File permission confusion [Debian 9.1 with MATE]
On Mon, Jan 01, 2018 at 05:23:29AM -0600, Richard Owlett wrote:
> As user "richard" I created 3 files.
> I later wanted to protect them totally from accidental change.
> For each file, I went to Properties->Permissions and changed Access for
> Owner, Group, and Others to "Read Only".
> As user "richard" I was able to delete them with Caja.
> As "root" I changed Owner and Group to "root" leaving Access for all as
> "Read Only".
> User "richard" could still *DELETE THEM*!
> "Read Only" evidently does not mean what it implies.
> What's happening?
By any chance did user richard own the directory they were in?
I think the logic here is that deleting a file involves writing to the
directory the file is in, so if you have privileges to (for example
ownership of) the directory, yes you'd be able to delete it.
I'd further postulate that in your scenario when the file was owned by
root but the directory was owned by richard, richard would not have been
able to append to or shorten the file -- because that would have
involved writing to the file which richard did not have permissions to
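
[Added example, not part of the original message:] The rule discussed in this reply, modelled in Python: deleting a file is decided by the parent directory's write and search bits (plus the sticky bit), while modifying it is decided by the file's own mode. The uid/gid numbers and the `Inode` tuple are constructed for illustration, and the model ignores ACLs, capabilities and file attributes.

```python
import stat
from collections import namedtuple

# Minimal stand-in for the os.stat_result fields the check needs (constructed).
Inode = namedtuple("Inode", "mode uid gid")

def _allowed(node, uid, gids, want):
    """Classic Unix check: only the first matching class is consulted."""
    if uid == 0:
        return True                      # root bypasses mode bits (simplified)
    if uid == node.uid:
        bits = node.mode >> 6            # owner class
    elif node.gid in gids:
        bits = node.mode >> 3            # group class
    else:
        bits = node.mode                 # other class
    return (bits & 7) & want == want

def can_write(file, uid, gids):
    """Appending to or truncating a file needs w on the file itself."""
    return _allowed(file, uid, gids, 2)

def can_delete(parent, file, uid, gids):
    """unlink() needs w+x on the parent directory; the file's mode is not consulted."""
    if not _allowed(parent, uid, gids, 3):
        return False
    # Sticky directory (e.g. /tmp): only the file owner, directory owner or root may unlink.
    if parent.mode & stat.S_ISVTX and uid not in (0, file.uid, parent.uid):
        return False
    return True

# Constructed scenario from the thread: richard (uid 1000) owns the directory,
# the file is "Read Only" for everyone and was later chown'ed to root.
RICHARD, GROUPS = 1000, {1000}
home_dir   = Inode(0o755, 1000, 1000)
root_dir   = Inode(0o755, 0, 0)
sticky_tmp = Inode(0o1777, 0, 0)
own_file   = Inode(0o444, 1000, 1000)
root_file  = Inode(0o444, 0, 0)

if __name__ == "__main__":
    for label, parent, f in [("own dir, own file", home_dir, own_file),
                             ("own dir, root file", home_dir, root_file),
                             ("root dir, own file", root_dir, own_file),
                             ("sticky dir, root file", sticky_tmp, root_file)]:
        print(f"{label:22} delete={can_delete(parent, f, RICHARD, GROUPS)} "
              f"write={can_write(f, RICHARD, GROUPS)}")
```
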