Bug#280632: libc6: Ordinary user can delete files owned by other user, root files too.

To: "Michal Zimen" <michal@zimen.sk>, <280632@bugs.debian.org>
Subject: Bug#280632: libc6: Ordinary user can delete files owned by other user, root files too.
From: "Roxik" <roxik@poczta.fm>
Date: Wed, 10 Nov 2004 18:00:25 +0100
Message-id: <[🔎] 004501c4c746$ce4b8370$01001eac@Wizard>
Reply-to: "Roxik" <roxik@poczta.fm>, 280632@bugs.debian.org
References: <[🔎] 20041110163013.4431AC1AF38@mizu.intrak.sk>

 normal user can delete files, which is not owned by him.

 try:
 x@y$ cd ~
 x@y$ su
 x@y# touch XXX
 x@y# chmod 700 XXX
 x@y# exit
 x@y$ rm -f XXX
 :) that file is deleted !!!

Yeah... But what owner of this file is ??

Look:
SRV:/home/ftp# ls -la
-rw-------  1 root root     166 2004-05-12 15:07 welcome.msg

wiesiek@SRV:~$ rm -f welcome.msg
rm: cannot remove `welcome.msg': Permission denied

for example: at /, /bin ..it is not possible,but at: /usr/bin/, ~/, /tmp it is really possible.

Yeap.. because is owned as root, not x account in your example.

I never had any problems with remove non-owned files.
I sugest read manual of LS command :)

--
I greet
Wieslaw



----------------------------------------------------------------------
Startuj z INTERIA.PL!!! >>> http://link.interia.pl/f1837

Reply to:

References:
- Bug#280632: libc6: Ordinary user can delete files owned by other user, root files too.
  - From: Michal Zimen <michal@zimen.sk>

Prev by Date: Bug#280632: marked as done (libc6: Ordinary user can delete files owned by other user, root files too.)
Next by Date: Bug#279423: libc6-dev: totally incoherent pthread related includes files for dynamic linking
Previous by thread: Bug#280632: marked as done (libc6: Ordinary user can delete files owned by other user, root files too.)
Next by thread: unsubscribe
Index(es):
- Date
- Thread