
I created user small, added him to group kek and allowed that group to only read files in the user's home directory. Then I chowned all files to root:kek. However, small can still delete files in his home directory.

Commands I ran:

useradd -ms /bin/bash small
groupadd kek
usermod -a -G kek small
chown -R root:kek /home/small/*
chmod -R g=r /home/small/*

Then when I try to remove file:

$ ls -l
total 16
-rw-r--r-- 1 root kek 240 Jun 23 06:17 Dockerfile
-rw-r--r-- 1 root kek 39 Jun 21 09:17 flag.txt
-rw-r--r-- 1 root kek 2336 Jun 22 14:19 server.py
-rw-r--r-- 1 root kek 24 Jun 22 08:16 small.py
$ rm flag.txt
$ ls -l
total 12
-rw-r--r-- 1 root kek 240 Jun 23 06:17 Dockerfile
-rw-r--r-- 1 root kek 2336 Jun 22 14:19 server.py
-rw-r--r-- 1 root kek 24 Jun 22 08:16 small.py
$ whoami
small

Why does this happen?

asked Jun 23, 2018 at 6:31

2 Answers


Whether a file can be deleted or not is not a property of the file but of the directory that the file is located in. A user may not delete a file that is located in a directory that they can't write to.

Files (and subdirectories) are entries in the directory node. To delete a file, one unlinks it from the directory node and therefore one has to have write permissions to the directory to delete a file in it.

  • The write permissions on a file determine whether one is allowed to change the contents of the file.
  • The write permissions on a directory determine whether one is allowed to change the contents of the directory.


answered Jun 23, 2018 at 6:36
  • Small question: now I created directory /home/small/server, put all files there and chown and chmod the same way as before. Now small cannot chdir to that directory even though group kek has read permission, why? Commented Jun 23, 2018 at 6:40
  • Why is execute permission needed? Commented Jun 23, 2018 at 6:41
  • 1
    @nikrom3000 Execute vs Read bit. How do directory permissions in Linux work? Commented Jun 23, 2018 at 6:46
  • @nikrom3000 To cd into a directory, the user must have execute permissions on it. Read permissions only gives you the ability to list files. Commented Jun 23, 2018 at 7:06

On Unix you do not delete a file, you remove it from a directory listing. When a file no longer has any directory listings (it can have many), and is no longer open by a process, then it will be deleted.

If you have write permission on a directory, then you can remove a file's directory listing.

What to do about it

  • Option 1 Remove write permission from the directory.
  • Option 2 Add the sticky bit to the directory (chmod +t «directory-name»). Make it so that only the owner and root (actually, anyone who has the capability CAP_FOWNER) can remove a file. Use this when you need the write permission, so that the user can add files.
answered Jun 23, 2018 at 9:24
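To make the rules from both answers and the comment thread concrete, here is an added Python model (not code from the question or either answer) of the Linux DAC check for cd, ls and rm, applied to the question's setup. The uids/gids and the 0755 mode of /home/small are constructed assumptions; the model follows the Linux sticky-bit rule, under which the caller may unlink if it owns the file or the directory, so it also shows that chmod +t on a directory small owns does not stop small.

```python
import stat
from collections import namedtuple

# Permission bits for the "other" class; shifted left by 3 for group, 6 for owner.
R, W, X = 4, 2, 1
Inode = namedtuple("Inode", "uid gid mode")  # owner, group, mode bits incl. sticky bit

def _has(uid, gids, node, bit):
    """Classic DAC: the owner class applies if you own it, else group, else other."""
    shift = 6 if uid == node.uid else 3 if node.gid in gids else 0
    return bool(node.mode & (bit << shift))

def can_search(uid, gids, d):
    """cd into (or traverse) a directory needs its execute/search bit."""
    return _has(uid, gids, d, X)

def can_list(uid, gids, d):
    """ls in a directory needs only its read bit (names, not the entries' inodes)."""
    return _has(uid, gids, d, R)

def can_unlink(uid, gids, d, f, cap_fowner=False):
    """rm <file>: write+search on the directory; the file's own mode is irrelevant.
    With the sticky bit set the caller must also own the file or the directory
    (or hold CAP_FOWNER). Unprivileged caller assumed; root bypasses DAC entirely."""
    if not (_has(uid, gids, d, W) and _has(uid, gids, d, X)):
        return False
    if d.mode & stat.S_ISVTX and not cap_fowner:
        return uid in (f.uid, d.uid)
    return True

# Constructed ids mirroring the question: user small, group kek, root-owned files.
ROOT, SMALL, KEK = 0, 1000, 1001
SMALL_GIDS = {SMALL, KEK}
HOME = Inode(SMALL, SMALL, 0o755)      # useradd -m leaves /home/small owned by small
FLAG = Inode(ROOT, KEK, 0o644)         # -rw-r--r-- root kek flag.txt
SERVER = Inode(ROOT, KEK, 0o644)       # /home/small/server after chown/chmod -R g=r
SHARED = Inode(ROOT, KEK, 0o1775)      # root-owned, group-writable, sticky (Option 2)

def scenarios():
    """Each case from the thread, evaluated as user small."""
    return {
        "rm flag.txt in own home": can_unlink(SMALL, SMALL_GIDS, HOME, FLAG),
        "cd server (g=r, no x)": can_search(SMALL, SMALL_GIDS, SERVER),
        "ls server": can_list(SMALL, SMALL_GIDS, SERVER),
        "rm root's file in sticky shared dir": can_unlink(SMALL, SMALL_GIDS, SHARED, FLAG),
        "rm own file in sticky shared dir": can_unlink(SMALL, SMALL_GIDS, SHARED, Inode(SMALL, KEK, 0o644)),
        "sticky bit on small's own home": can_unlink(SMALL, SMALL_GIDS, Inode(SMALL, SMALL, 0o1755), FLAG),
    }
```

The last case is the practical caveat: Option 2 only protects root's files when the directory itself is not owned by small, as in SHARED.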
