Why can I delete a file that doesn't belong to me?

Question

This should be an easy one... I have the following situation in my ubuntu server (ftpuser is not in the root group):

ftpuser$ ch /var/www/
ftpuser$ mkdir test
ftpuser$ chmod 775 test

now login with root user

root$ cd var/www/test
root$ touch a.txt
root$ chmod 644 a.txt

now login with ftpuser again

ftpuser$ cd /var/www/test
ftpuser$ rm a.txt

This works. And this is my question, why does this work? The file a.txt is created by root and has permission 644, so only root should be able delete it.

Or is everything in folder test now fully accessible by "ftpuser" user?

Thanks for the help.

score 2 · Answer 1 · answered Mar 30 '16 at 10:51

2

This happens because ftpuser has write access to var/www/test directory

answered Mar 30 '16 at 10:51

Alekos Dordas

133

Why can I delete a file that doesn't belong to me?

1 Answers1