Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#7473 - Users able to delete/write/move root:root files
Attached to Project:
Arch Linux
Opened by Jeffrey Grembecki (xehp) - Wednesday, 20 June 2007, 06:54 GMT
Last edited by Jan de Groot (JGC) - Wednesday, 20 June 2007, 11:41 GMT
Opened by Jeffrey Grembecki (xehp) - Wednesday, 20 June 2007, 06:54 GMT
Last edited by Jan de Groot (JGC) - Wednesday, 20 June 2007, 11:41 GMT
|
DetailsDescription:
If I create a root:root 644 file in a users folder, that user is able to delete the file. Additional info: * package version(s) * config and/or log files etc. Steps to reproduce: root$ touch /home/user/killme user$ rm ~/killme |
This task depends upon
groups: log video audio optical
kernel26: 2.6.21.5-1
User has 755 rights on his directory which means he can view and edit directory's contents which includes creating and removing files.