On Thu, 5 Dec 2002 13:34:09 -0500 (EST), Robert P. J. Day wrote:

> the fact that the original poster could create a file as root, and
> remove it as a "dumb test user" means he must have either modified an
> existing directory and removed its sticky bit, or created a new
> directory with perms 777.  in short, what he is describing could *not*
> have happened on a standard red hat install.

No, it can happen:

  $ su --login root
  # cd /home/dumbuser
  # touch testfile
  # exit
  $ su --login dumbuser
  $ cd ~
  $ rm -f testfile
  $

That is exactly the scenario I find described in the OP's message.
Expected behaviour. Directory owned by "dumbuser". Hence dumbuser
can delete all files other users -- including root -- may create
in $HOME/dumbuser.
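
The rule the reply above relies on, as an added example that is not part of the original message: a simplified Python model of the classic Unix unlink check, covering both the home-directory case and the sticky-bit case from the quoted text. `Meta`, `can_unlink`, `can_unlink_path` and the uid 500 for "dumbuser" are constructed for illustration; ACLs, capabilities, immutable flags and security modules are ignored.

```python
import os
import stat
from collections import namedtuple

# Stand-in for the os.stat_result fields the check needs (constructed type).
Meta = namedtuple("Meta", "mode uid gid")

def can_unlink(directory, entry, uid, gids=()):
    """True if `uid` may remove `entry` from `directory` (simplified model)."""
    if uid == 0:
        return True  # root bypasses ordinary permission bits
    # Select the directory permission class that applies to the caller.
    if uid == directory.uid:
        bits = (directory.mode >> 6) & 7
    elif directory.gid in gids:
        bits = (directory.mode >> 3) & 7
    else:
        bits = directory.mode & 7
    # Removing a name needs write (2) and search (1) on the directory.
    # The file's own mode and owner are not consulted at this point.
    if bits & 3 != 3:
        return False
    # Sticky directory: only the file's owner or the directory's owner may delete.
    if directory.mode & stat.S_ISVTX:
        return uid in (entry.uid, directory.uid)
    return True

def can_unlink_path(path, uid, gids=()):
    """Apply the same check to a real path using lstat() metadata."""
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    entry = os.lstat(path)
    return can_unlink(Meta(parent.st_mode, parent.st_uid, parent.st_gid),
                      Meta(entry.st_mode, entry.st_uid, entry.st_gid), uid, gids)

# Constructed sample values: uid 500 stands for "dumbuser", uid 0 for root.
HOME = Meta(stat.S_IFDIR | 0o700, 500, 500)      # home directory owned by dumbuser
TMP = Meta(stat.S_IFDIR | 0o1777, 0, 0)          # world-writable with sticky bit
OPEN = Meta(stat.S_IFDIR | 0o777, 0, 0)          # world-writable, no sticky bit
ROOT_FILE = Meta(stat.S_IFREG | 0o644, 0, 0)     # file created by root

if __name__ == "__main__":
    for name, d in (("home", HOME), ("sticky", TMP), ("777", OPEN)):
        print(name, can_unlink(d, ROOT_FILE, 500, (500,)))
```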
