37

I have a backup upload script that scp’s files to another server using the user upload. Another script on the target server then chown’s these to another user and sets the file mode to 755.

If I then SSH into the target server using the upload user, I’m able to delete the chowned files. Shouldn’t they be read only?

Here is what a file looks like on the target server, and the user upload is able to delete it.

-rwxr-xr-x 1 maciekish maciekish 650M Nov  1 01:07 2014-11-01-data.tar.bz2

The user upload was just added using useradd and is not a part of the maciekish group.

When trying to delete the file as upload via ssh I get the question whether I want to delete “write protected regular file” and I’m able to say Y and delete it.

Giacomo1968
  • 58,727

2 Answers

64

The files are read-only; however, deleting a file doesn't modify it but only the parent directory (it basically removes the file from directory listing) – and it sounds like you have full write permissions to the directory.

You can set the sticky bit—aka “restricted deletion” flag—which will prevent anyone except the owner from renaming or deleting files in that directory (like in /tmp). To do this, run chmod o+t *directory* as the owner of the directory.

cpast
  • 2,513
grawity
  • 501,077
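The check this answer describes, modelled as an added example that is not part of the original answer: whether a user may delete a file depends on the directory's mode and owner plus the sticky bit, never on the file's own mode. The uids, group sets and directory setups are constructed assumptions, and the model ignores ACLs, immutable attributes and fine-grained capabilities.

```python
import stat

UPLOAD, MACIEKISH = 1001, 1000  # constructed uids; each user's only group has the same id

def class_bits(mode, owner_uid, owner_gid, uid, gids):
    """rwx bits (0-7) that apply to uid: owner class, else group, else other."""
    if uid == owner_uid:
        return (mode >> 6) & 7
    if owner_gid in gids:
        return (mode >> 3) & 7
    return mode & 7

def may_unlink(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """Model of the check made when uid removes a name from a directory.
    The file's own permission bits are deliberately not a parameter."""
    if uid == 0:
        return True  # simplification: root bypasses these checks
    bits = class_bits(dir_mode, dir_uid, dir_gid, uid, gids)
    if bits & 3 != 3:
        return False  # needs write (2) and search (1) on the directory
    if dir_mode & stat.S_ISVTX:
        # Sticky bit: only the file's owner or the directory's owner may delete.
        return uid in (file_uid, dir_uid)
    return True

def scenarios():
    """Can upload delete a file owned by maciekish under four directory setups?"""
    who = (UPLOAD, {UPLOAD})
    return {
        "dir 0755 owned by upload": may_unlink(0o755, UPLOAD, UPLOAD, MACIEKISH, *who),
        "dir 1755 owned by upload": may_unlink(0o1755, UPLOAD, UPLOAD, MACIEKISH, *who),
        "dir 1777 owned by maciekish": may_unlink(0o1777, MACIEKISH, MACIEKISH, MACIEKISH, *who),
        "dir 0755 owned by maciekish": may_unlink(0o755, MACIEKISH, MACIEKISH, MACIEKISH, *who),
    }

if __name__ == "__main__":
    for name, allowed in scenarios().items():
        print(f"{name}: upload {'can' if allowed else 'cannot'} delete the file")
```

The second scenario is the one to watch: the sticky bit does not restrain the directory's owner, so it only protects the backups if the directory belongs to someone other than upload.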
12

In a typical Unix filesystem, any file can be identified by an arbitrary number of directory entries, each of which holds a "hard link".

From an implementation standpoint there is a difference between deleting the last directory entry (hard link) for a file and simply deleting one reference out of many. However, from a semantic standpoint there is no difference.

If multiple hard links exist to a file, writing to the file using any of them alters the file seen by all of them. Using rm on a link, however, merely causes the file to not be accessible via that link. Other links to the file continue to see the exact same file.

supercat
  • 1,819