user
July 25, 2018, 12:12am
#1
Why is this possible? (on ext4)
~/dir]: whoami
myusername
~/dir]: touch abc
~/dir]: l
total 28
drwx------ 2 myusername users 4096 Jul 25 01:08 ./
drwx------+ 74 myusername users 20480 Jul 25 01:00 ../
-rw------- 1 myusername users 0 Jul 25 01:08 abc
~/dir]: su -
Password:
pc:~ # cd /home/myusername/dir/
pc:/home/myusername/dir # chown root:root abc
pc:/home/myusername/dir # l
total 28
drwx------ 2 myusername users 4096 Jul 25 01:08 ./
drwx------+ 74 myusername users 20480 Jul 25 01:00 ../
-rw------- 1 root root 0 Jul 25 01:08 abc
pc:/home/myusername/dir # whoami
root
pc:/home/myusername/dir # logout
~/dir]: whoami
myusername
~/dir]: l
total 28
drwx------ 2 myusername users 4096 Jul 25 01:08 ./
drwx------+ 74 myusername users 20480 Jul 25 01:00 ../
-rw------- 1 root root 0 Jul 25 01:08 abc
~/dir]: mv abc xyz
~/dir]: l
total 28
drwx------ 2 myusername users 4096 Jul 25 01:10 ./
drwx------+ 74 myusername users 20480 Jul 25 01:00 ../
-rw------- 1 root root 0 Jul 25 01:08 xyz
~/dir]: rm xyz
rm: remove write-protected regular empty file 'xyz'? y
~/dir]: l
total 28
drwx------ 2 myusername users 4096 Jul 25 01:10 ./
drwx------+ 74 myusername users 20480 Jul 25 01:00 ../
~/dir]:
Hi
It’s because your user owns the directory, so it should have full control… Change the dir to be owned by root:root and try it again.
user
July 25, 2018, 12:58am
#3
Yeah. I already figured that out, thanks. But is that normal?
Hi
I would hope so… I don’t want some user dumping files I can’t delete
user
July 25, 2018, 1:16am
#5
But as they can still dump them in directories if they want to, what is the logic behind how it works?
Hi
Ownership (chmod, chown, mkdir, umask, sticky bit etc.): change it to what you want… or introduce ACLs. I think the man page for chmod should give you the idea…
Suggest you create a test user account and play around with that one so if it breaks you can just delete and re-create
Strictly speaking, nobody can remove files – not even root.
But what you can do, is write to a directory that you own. And that allows you to delete a directory entry for a file.
The file itself is automatically removed when there is no directory entry that points to that file, and the file is not open by any process.
hcvv
July 25, 2018, 9:12am
#8
There is an explanation about this in the Dutch section of these forums, but it is in Dutch. I assume it is not difficult to find an English explanation about this very basic Unix concept on the internet.
Concentrate on ownership (by uid and gid) and permissions of files. In this case, especially on what the r, w and x permissions mean on files of the type directory.
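To make the two points from the replies above concrete (that rm only needs write access to the directory, and that r, w and x mean different things on a directory than on a plain file), here is an added example script; it is not code from this thread, and the function names are made up for the demonstration. It needs no root and is meant to be run as an ordinary user, because root's CAP_DAC_OVERRIDE skips most of the permission checks it exercises.

```shell
#!/bin/sh
# Added example (not from the thread): exercises the Unix rules the replies
# describe. Function names are hypothetical. Run as an ordinary user.
set -u

# Print "ok" if the command succeeds, "denied" if it fails.
outcome() { if "$@" >/dev/null 2>&1; then echo ok; else echo denied; fi; }

# Reading a directory's names needs r on the directory. A shell glob only
# calls readdir(), never stat(), so it isolates that one permission.
can_list() {
    set -- "$1" "$1"/*
    if [ "$2" != "$1/*" ]; then echo ok; else echo denied; fi
}

# Opening a file by name needs x (search) on every directory in its path.
can_open() { outcome cat "$1"; }

# Link count of a path, as shown in field 2 of ls -l.
link_count() { ls -ld "$1" | awk '{ print $2 }'; }

# Case 1: a mode-0000 file in a directory you own. unlink() checks w+x on
# the directory, not w on the file, so rm succeeds (without -f it only asks
# first, exactly as in the original post).
unlink_unwritable_file() {
    d=$(mktemp -d) || return 1
    : > "$d/abc"; chmod 000 "$d/abc"
    r=$(outcome rm -f "$d/abc")
    rm -rf "$d"; echo "$r"
}

# Case 2: a world-writable file in a directory without w. The file's mode
# is irrelevant; the missing w on the directory blocks the unlink().
unlink_in_readonly_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/abc"; chmod 666 "$d/abc"
    chmod 500 "$d"
    r=$(outcome rm -f "$d/abc")
    chmod 700 "$d"; rm -rf "$d"; echo "$r"
}

# Case 3: r and x on a directory are separate rights. r-- can list names but
# cannot reach them; --x can reach a known name but cannot list.
dir_read_vs_search() {
    d=$(mktemp -d) || return 1
    echo secret > "$d/abc"
    chmod 400 "$d"; list_r=$(can_list "$d"); open_r=$(can_open "$d/abc")
    chmod 100 "$d"; list_x=$(can_list "$d"); open_x=$(can_open "$d/abc")
    chmod 700 "$d"; rm -rf "$d"
    echo "$list_r $open_r $list_x $open_x"
}

# Case 4: rm removes a name, not the data. A second hard link or an open
# descriptor keeps the inode alive until the last reference goes away.
unlink_keeps_open_data() {
    d=$(mktemp -d) || return 1
    echo payload > "$d/abc"
    ln "$d/abc" "$d/xyz"              # same inode, link count now 2
    n=$(link_count "$d/abc")
    exec 3< "$d/abc"                  # hold the inode open
    rm -f "$d/abc" "$d/xyz"           # both names gone; the directory is empty
    read -r line <&3                  # data still readable through fd 3
    exec 3<&-                         # last reference dropped: inode freed
    rm -rf "$d"
    echo "$n $line"
}

# Sticky bit (as on /tmp, drwxrwxrwt): in a world-writable directory it limits
# unlink/rename of an entry to the entry's owner, the directory's owner and
# root. Showing it needs a second user account, as suggested in the thread.

echo "0000 file in own dir, rm:           $(unlink_unwritable_file)"
echo "0666 file in r-x dir, rm:           $(unlink_in_readonly_dir)"
echo "dir r--: list,open  --x: list,open: $(dir_read_vs_search)"
echo "link count, data read after rm:     $(unlink_keeps_open_data)"
```

As an unprivileged user the four lines read ok, denied, "ok denied denied ok" and "2 payload"; the same script run as root reports ok for every permission check, which is the other half of the answer: root is not bound by these bits, but an ordinary user deleting root's file in their own directory is working entirely within them.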