
Re: Kernel 3.14.x bug? rm, mv root-owned files



The Wanderer <wanderer@fastmail.fm> writes:

> On 06/05/2014 11:37 PM, Bob Proulx wrote:
>
>> jimmy wrote:
>
>>>    // --- remove (delete) a file owned by root, should not be
>>> allowed, but is allowed.  Here, it says the file is 'read-only'
>>> so it warns about it, but of course "rm -f " would work, too:
>> 
>> Why do you think it should not be allowed?  It is allowed.
>> 
>> If you don't want a user to modify the directory then change the
>> permissions of the directory.
>
> In this case, however, the user isn't just modifying the directory; the
> user is modifying a file in the directory, by deleting that file.
>
>>>    $ rm -v /tmp/testing/newjunk1.txt
>>> rm: remove write-protected regular file ‘/tmp/testing/newjunk1.txt’? y
>>> removed ‘/tmp/testing/newjunk1.txt’
>> 
>> Sure.  Because tst1 owns /tmp/testing.
>
> I'm confused as to why that's enough.
>
> Yes, moving a file affects only data stored in the directory node which
> contains the file (and the directory node where the file is being moved
> to, which may be the same one).
>
> But deleting a file does not affect only data stored in the directory
> node which contains the file; it affects data stored in the file itself.
> (Assuming that there is only one hardlink to the file and the file is
> not presently open in any currently running process, which is often a
> reasonable assumption - and even when it is not, I don't think the
> permissions behavior of 'rm' should be different depending on the number
> of hardlinks to the file.)
>
> As such, it seems as if deleting a file *should* require write
> permission to that file.
>

It makes perfect sense to me. rm doesn't actually delete files. It
unlinks a directory entry. If this was the last link to the inode that
constitutes the file (no links in other directories and no open file
handles), the inode is deleted as a side effect.

Removing a directory entry has no relation whatsoever to the permissions
of the file.

> Is there something I'm missing here?
>
> --
>    The Wanderer
>
> Secrecy is the beginning of tyranny.
>
> A government exists to serve its citizens, not to control them.
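The behaviour described in the reply above, as an added example that is not part of the original thread: a script that shows unlink() being governed by the permissions of the containing directory, a hard link keeping the inode alive after one name is removed, and an open descriptor keeping the data readable after the last name is gone. It works entirely under a temporary directory created with mktemp, so nothing from the thread (/tmp/testing, newjunk1.txt, the tst1 user) is assumed to exist; the file names inside it are constructed for the demo. One caveat the thread does not spell out: the one case where unlink does look at file ownership is a directory with the sticky bit set (like /tmp itself), where only the owner of the entry, the owner of the directory or root may remove it; that rule does not reach into a subdirectory such as /tmp/testing that the user owns, and it is not exercised below because the script cannot switch users.

```shell
#!/bin/sh
# Added example (not from the original thread): unlink() is checked against
# the directory, not the file. Each demo returns 0 on the expected outcome.

# 1. A mode-0444 ("write-protected") file in a directory the caller can write
#    is removed without trouble; -f only suppresses rm's interactive prompt.
demo_rm_readonly_file() {
    local d; d=$(mktemp -d) || return 1
    echo "owned by root in the thread, read-only here" > "$d/newjunk1.txt"
    chmod 0444 "$d/newjunk1.txt"
    local rc=1
    if rm -f "$d/newjunk1.txt" && [ ! -e "$d/newjunk1.txt" ]; then rc=0; fi
    rm -rf "$d"
    return $rc
}

# 2. The reverse: a writable (0666) file inside a directory the caller cannot
#    write (0555) cannot be unlinked. Root bypasses this DAC check, so the
#    runner below skips this demo when running as uid 0.
demo_rm_in_readonly_dir() {
    local d; d=$(mktemp -d) || return 1
    echo "writable file, unwritable directory" > "$d/junk.txt"
    chmod 0666 "$d/junk.txt"
    chmod 0555 "$d"
    local rc=1
    if rm -f "$d/junk.txt" 2>/dev/null; then
        rc=1                      # unlink succeeded: not what we expect
    elif [ -e "$d/junk.txt" ]; then
        rc=0                      # EACCES, entry still present
    fi
    chmod 0755 "$d"
    rm -rf "$d"
    return $rc
}

# 3. Two names for one inode: removing one name drops the link count from
#    2 to 1 and the data stays reachable through the other name.
demo_hardlink_survives() {
    local d; d=$(mktemp -d) || return 1
    printf 'payload\n' > "$d/a"
    ln "$d/a" "$d/b"
    local before after content
    before=$(ls -l "$d/a" | awk '{print $2}')   # link count column
    rm -f "$d/a"
    after=$(ls -l "$d/b" | awk '{print $2}')
    content=$(cat "$d/b")
    rm -rf "$d"
    [ "$before" = 2 ] && [ "$after" = 1 ] && [ "$content" = payload ]
}

# 4. An open descriptor is a reference too: after the last name is unlinked
#    the data is still readable through fd 3 until it is closed.
demo_open_fd_survives() {
    local d; d=$(mktemp -d) || return 1
    printf 'still here\n' > "$d/f"
    exec 3< "$d/f"
    rm -f "$d/f"
    local gone=1 line
    if [ ! -e "$d/f" ]; then gone=0; fi
    read -r line <&3
    exec 3<&-
    rm -rf "$d"
    [ "$gone" = 0 ] && [ "$line" = "still here" ]
}

run_all() {
    local t
    for t in demo_rm_readonly_file demo_hardlink_survives demo_open_fd_survives; do
        if "$t"; then echo "PASS $t"; else echo "FAIL $t"; fi
    done
    if [ "$(id -u)" -eq 0 ]; then
        echo "SKIP demo_rm_in_readonly_dir (root bypasses directory DAC)"
    elif demo_rm_in_readonly_dir; then
        echo "PASS demo_rm_in_readonly_dir"
    else
        echo "FAIL demo_rm_in_readonly_dir"
    fi
}

run_all
```

Demo 2 is the one that answers the question in the thread: make the directory unwritable and rm fails regardless of the file's mode; leave it writable and rm succeeds regardless of the file's mode. Demos 3 and 4 are why "deleting" is the wrong mental model: rm only drops a name, and the inode goes away when the last name and the last open descriptor are gone.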

