I am executing the following command:
chmod 000 x.txt
but as owner I still can rename it ! why ?
and how can I prevent all people from renaming that file ?
I am executing the following command:
chmod 000 x.txt
but as owner I still can rename it ! why ?
and how can I prevent all people from renaming that file ?
As correctly answered by David Foerster, the rights to manipulate files and directories depends on the permission on the containing directory.
Said that, there is a (dirty?) trick to avoid that a directory could be deleted even if you have right on the containing one: put in it a (possibly hidden) file, and make that and the directory no-writable. Look at this example:
[romano:~] mkdir tmp/test; cd tmp/test
[romano:~/tmp/test] % mkdir subdir_e subdir_f
[romano:~/tmp/test] % touch subdir_f/.hiddenfile
I created two subdirs, one empty and the other with an hidden file.
[romano:~/tmp/test] % chmod 555 subdir_f/.hiddenfile subdir_f subdir_e
[romano:~/tmp/test] % sudo chown root subdir_f/.hiddenfile subdir_f subdir_e
I make this directory and the hidden file no-writable, by changing permission and giving ownership to root
(otherwise I can simply change permission back). Let's see the status:
[romano:~/tmp/test] % ls -la
total 16
drwxrwxr-x 4 romano romano 4096 oct 23 16:37 .
drwxr-xr-x 6 romano romano 4096 oct 23 16:31 ..
dr-xr-xr-x 2 root romano 4096 oct 23 16:37 subdir_e
dr-xr-xr-x 2 root romano 4096 oct 23 16:37 subdir_f
Notice that I own and have write rights to .
, which is my current directory, so if I do:
[romano:~/tmp/test] % rmdir subdir_e
it succeeds, because I can modify .
as I like. But if I try the same with the non-empty subdir:
[romano:~/tmp/test] % rmdir subdir_f
rmdir: failed to remove ‘subdir_f’: Directory not empty
[romano:~/tmp/test] 1 % rm -rf subdir_f
rm: cannot remove ‘subdir_f/.hiddenfile’: Permission denied
[romano:~/tmp/test] 1 % chown romano subdir_f
chown: changing ownership of ‘subdir_f’: Operation not permitted
...I need root privilege to remove it now.