Ubuntu
glibc package

Bug #10192
Comment #3

Comment 3 for bug 10192

Revision history for this message

In Debian Bug tracker #280632, Roxik (roxik-poczta) wrote on 2004-11-10: Re: Bug#280632: libc6: Ordinary user can delete files owned by other user, root files too.

#3

> normal user can delete files, which is not owned by him.
>
> try:
> x@y$ cd ~
> x@y$ su
> x@y# touch XXX
> x@y# chmod 700 XXX
> x@y# exit
> x@y$ rm -f XXX
> :) that file is deleted !!!
Yeah... But what owner of this file is ??

Look:
SRV:/home/ftp# ls -la
-rw------- 1 root root 166 2004-05-12 15:07 welcome.msg

wiesiek@SRV:~$ rm -f welcome.msg
rm: cannot remove `welcome.msg': Permission denied

>
> for example: at /, /bin ..it is not possible,
> but at: /usr/bin/, ~/, /tmp it is really possible.
Yeap.. because is owned as root, not x account in your example.

I never had any problems with remove non-owned files.
I sugest read manual of LS command :)

--
I greet
Wieslaw

----------------------------------------------------------------------
Startuj z INTERIA.PL!!! >>> http://link.interia.pl/f1837