Directory permissions vs file permissions

If I have two users called john and sally. Both are part of the users group. john creates a directory with permissions 775. sally then puts a file there with 644 permissions.

Even though the file obviously has no group write privileges, can john then modify/delete that file in the directory he owns but the file he does not own?

Answers:


Method 1

He can delete the file because unlinking depends on the directory’s permissions, not the file’s. In this way, he can modify it since he can remove and replace it in the directory.

Method 2

Yes, deleting a file doesn’t actually modify the file, it modifies the directory and john has permission to do so.

The way to prevent this behavior is to set the sticky bit on the directory. That is how /tmp allows everyone to write to it, but only the owners (or root) to delete things from it.

chmod +t directory

That will turn the sticky bit on.
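The behaviour both answers describe, as an added example that is not part of the original answers: it removes a mode 444 file through a 775 directory, then audits a tree for group- or world-writable directories that lack the sticky bit. The directory and file names and the scratch tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: names and the temporary tree are constructed, not from the page.

# Build a scratch tree: a shared directory (775), a shared directory with
# the sticky bit (1775) and a private directory (755).
build_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/shared" "$root/shared_sticky" "$root/private"
    chmod 775  "$root/shared"
    chmod 1775 "$root/shared_sticky"
    chmod 755  "$root/private"
    # A file nobody may write to, standing in for the 644 file in the question.
    : > "$root/shared/report.txt"
    chmod 444 "$root/shared/report.txt"
    printf '%s\n' "$root"
}

# Unlinking needs write and search permission on the directory; the file's
# own mode is not consulted. Returns 0 if the read-only file was removed.
remove_readonly_file() {
    rm -f "$1/shared/report.txt" && [ ! -e "$1/shared/report.txt" ]
}

# Audit: directories writable by group or others that lack the sticky bit,
# i.e. places where any writer can delete or replace other users' files.
find_unprotected_dirs() {
    find "$1" -type d \( -perm -0020 -o -perm -0002 \) ! -perm -1000 -print
}

demo() {
    tree=$(build_tree) || return 1
    echo "before chmod +t:"; find_unprotected_dirs "$tree"
    remove_readonly_file "$tree" && echo "mode 444 file removed via directory write permission"
    chmod +t "$tree/shared"
    echo "after chmod +t:"; find_unprotected_dirs "$tree"
    rm -rf "$tree"
}
demo
```

With the sticky bit set, an entry can be removed or renamed only by the file's owner, the directory's owner, or root.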


All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.
