Bug#280632: libc6: Ordinary user can delete files owned by other user, root files too.
normal user can delete files, which is not owned by him.
try:
x@y$ cd ~
x@y$ su
x@y# touch XXX
x@y# chmod 700 XXX
x@y# exit
x@y$ rm -f XXX
:) that file is deleted !!!
Yeah... But what owner of this file is ??
Look:
SRV:/home/ftp# ls -la
-rw------- 1 root root 166 2004-05-12 15:07 welcome.msg
wiesiek@SRV:~$ rm -f welcome.msg
rm: cannot remove `welcome.msg': Permission denied
for example: at /, /bin ..it is not possible,
but at: /usr/bin/, ~/, /tmp it is really possible.
Yeap.. because is owned as root, not x account in your example.
I never had any problems with remove non-owned files.
I sugest read manual of LS command :)
--
I greet
Wieslaw
----------------------------------------------------------------------
Startuj z INTERIA.PL!!! >>> http://link.interia.pl/f1837
Reply to: