On Wed, May 24, 2017 at 8:23 PM, Mark Longridge <cubexyz(a)gmail.com> wrote:
> Ok, I just did an experiment with the rm command and the results
> surprised me.
> On Unix v5 logged in as root I created a small test file then did
> chmod 444 on it. Unfortunately it appears that mere users can still rm
> the file and also directories are not safe from the rmdir command
> (even directories set to mode 444).
> This seems to be the case for v6 and v7 as well.
> To be fair rm will prompt the user with: test1: 0100444 mode
> but the user only has to type y and hit enter and the file is toast.
> Is there no way to completely protect files from being deleted?

Yes, these are the normal semantics, even on modern systems. If you want to
prevent a user from removing a file, remove the user's write permission to
the directory containing the file. Recall that a "file" in the removable
sense is really a directory entry that points to the inode that represents
the real file; to remove that, one must modify the directory to remove the
directory entry. The permissions on the file itself don't matter since
removal isn't an operation on the contents of the file; the only thing it
does to the actual file is update the link count in the inode.
- Dan C.
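
Added example, not part of the original thread: a shell script that repeats the experiment on a modern system and then applies the fix described in the reply, removing write permission from the containing directory. The function name try_remove and the temporary directories are constructed for this demonstration; run it as an ordinary user, since root bypasses these permission checks.

```shell
#!/bin/sh
# Constructed demo: does a mode-444 entry survive a removal attempt?
# Usage: try_remove PARENT_MODE file|dir   -> prints "removed" or "kept"
try_remove() {
    parent=$(mktemp -d) || return 1
    target="$parent/test1"
    if [ "$2" = dir ]; then mkdir "$target"; else echo data > "$target"; fi
    chmod 444 "$target"            # read-only target, as in the experiment
    chmod "$1" "$parent"           # mode of the containing directory
    if [ "$2" = dir ]; then
        rmdir "$target" 2>/dev/null || true
    else
        # -f suppresses rm's prompt for a write-protected file
        rm -f "$target" 2>/dev/null || true
    fi
    if [ -e "$target" ]; then result=kept; else result=removed; fi
    chmod -R u+rwx "$parent"       # restore access so cleanup works
    rm -rf "$parent"
    echo "$result"
}

# The target's own mode is 444 in every case; only the parent's mode changes.
for kind in file dir; do
    echo "$kind 444 in parent 755: $(try_remove 755 "$kind")"
    echo "$kind 444 in parent 555: $(try_remove 555 "$kind")"
done
```

As a non-root user, the entries in the mode-755 parent are removed and the ones in the mode-555 parent are kept.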