RM disregards file level permissions and uses directory permissions instead.

[James J. Perry]

We are in the cutover process and one of the DBAs found this behavior.
If testfile1 is owned by usera:group1 in a parent directory with
permissions 777 owned by usera:group1, userb:group2 can delete testfile1
even if testfile1 has permissions 600.  Conversely if the same parent
directory has permissions 755 and userb owns testfile2 with 777
permissions they cannot delete their own file from that parent
directory.  I found this happens on rm version 5.2.1 running on RHEL4
and 5.97 running on RHEL5.  It does not specify anything about this
behavior in the man pages or other docs.  Can you please look into this
and let me know about this behavior?  

 

Here is more OS level detail:

 

test1 $ ls -lR

.:

total 8

drwxrwxrwx  2 test1 users 4096 Apr 16 18:15 dir1

drwxr-xr-x  2 test1 users 4096 Apr 16 18:15 dir2

 

./dir1:

total 0

-rw-------  1 test1 users 0 Apr 16 18:15 testfile1

 

./dir2:

total 0

-rwxrwxrwx  1 test2 users 0 Apr 16 18:15 testfile2

 

Now as test2 user:

 

test2 $ rm test1/testfile1

rm: cannot remove `test1/testfile1': No such file or directory

test2 $ rm dir1/testfile1

rm: remove write-protected regular empty file `dir1/testfile1'? y

test2 $ rm dir2/testfile2

test2 $ ls -lR

.:

total 8

drwxrwxrwx  2 test1 users 4096 Apr 16 18:16 dir1

drwxr-xr-x  2 test1 users 4096 Apr 16 18:15 dir2

 

./dir1:

total 0

 

./dir2:

total 0

-rwxrwxrwx  1 test2 users 0 Apr 16 18:15 testfile2

 

 

Thanks!

 

James J Perry (address@hidden) 

DS Waters of America, Inc.

770-933-1401