
RE: Limiting User Commands



On Tue, 09 Nov 2004 20:58:33 +0100, Dan Roozemond wrote:
> Suppose the root-owned file (readable for non-root user) is a. Then one does
> 'cp a b; rm a; mv b a' and we have the same file a owned by the regular
> user. Key observation here is that the non-root user owns the directory,
> hence can remove files.

Thanks for the info.

When I was playing around with this I discovered something quite strange:

/tmp/test$ ll
total 0
-rw-r--r--  1 root root 0 2004-11-15 00:36 test

/tmp/test$ ll -d ../test/
drwxr-xr-t  2 mick mick 4.0K 2004-11-15 00:36 ../test/

/tmp/test$ rm test
rm: remove write-protected regular empty file `test'? y
/tmp/test$ ll
total 0

But according to the man page of chmod I shouldn't be able to do this:

When the sticky bit is set on a directory, files in that directory may be
unlinked or renamed only by root or their owner. Without the sticky bit,
anyone able to write to the directory can delete or rename files. The
sticky bit is commonly found on directories, such as /tmp, that are
world-writable. 

Does anyone understand this?

-- 
OoberMick
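
Added example, not part of the original message: a simplified C model of the unlink/rename permission check on Linux and POSIX systems, where a sticky directory lets the file's owner, the directory's owner, or root remove an entry. The struct and function names are hypothetical, uid 1000 for mick is a constructed value, and ACLs, supplementary groups and capabilities other than "is root" are ignored.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

#ifndef S_ISVTX
#define S_ISVTX 01000                /* sticky bit */
#endif

struct actor { uid_t uid; gid_t gid; };               /* who is asking */
struct node  { uid_t uid; gid_t gid; mode_t mode; };  /* a file or directory */

/* Does the actor hold every bit of `want` (an rwx triplet, 03 = -wx) on n? */
static bool has_perm(struct actor a, struct node n, mode_t want)
{
    if (a.uid == 0)
        return true;                 /* root bypasses the mode bits */
    mode_t bits = n.mode & 7;        /* "other" class by default */
    if (a.uid == n.uid)
        bits = (n.mode >> 6) & 7;    /* owner class */
    else if (a.gid == n.gid)
        bits = (n.mode >> 3) & 7;    /* group class */
    return (bits & want) == want;
}

/* May the actor unlink or rename `file`, an entry of `dir`? */
bool may_unlink(struct actor a, struct node dir, struct node file)
{
    /* The file's own mode is never consulted: removing a name changes
     * the directory, so write+search on the directory is what counts. */
    if (!has_perm(a, dir, 03))
        return false;
    if (!(dir.mode & S_ISVTX))
        return true;                 /* no sticky bit: directory write suffices */
    /* Sticky directory: file owner, directory owner, or root only. */
    return a.uid == 0 || a.uid == file.uid || a.uid == dir.uid;
}

int main(void)
{
    /* Constructed values for the session above: mick owns drwxr-xr-t
     * /tmp/test, which holds a root-owned 0644 file. */
    struct actor mick = {1000, 1000};
    struct node dir = {1000, 1000, 01755}, file = {0, 0, 0644};
    printf("mick may remove test: %s\n",
           may_unlink(mick, dir, file) ? "yes" : "no");
    return 0;
}
```

The same call with a root-owned, mode 1777 directory such as /tmp returns false for mick, which is the case the quoted man page text describes.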



