1

I know that deleting a file depends on the permissions I have on the enclosing directory, and not on the file itself, see e.g. here

But what about a non-empty directory? Using rm -rf NON_EMPTY_DIR fails because the files within the directory cannot be deleted. Is keeping the directory non-empty and non-writable for others a safe way of preventing other users to delete the folder?

Example:

# Create write-all outer dir
mkdir outer
chmod 777 outer
# Create two subdirectories, one of which is empty, one not, 
# and none are writable by anyone
mkdir outer/{non-,}empty 
touch outer/non-empty/file
chmod 555 outer/*

ls -la outer
## drwxrwxrwx  4 user user    80 May 31 15:12 .
##   [ .. does not matter here ]                   
## dr-xr-xr-x  2 user user    40 May 31 15:12 empty
## dr-xr-xr-x  2 user user    60 May 31 15:12 non-empty

rm -rf outer/empty
# Succeeds
rm -rf outer/non-empty
# rm: cannot remove outer/non-empty/file: Permission denied
akraf
  • 867

2 Answers2

2

They may not be able to delete it, but rename it or move it to somewhere else. It won't be gone, but it will look that way.

Gerard H. Pille
  • 2,360
  • Oh, excellent point! – ilkkachu May 31 '18 at 15:41
  • Actually I just tested and it'll let me rename a nonwritable directory, but not move it somewhere else. There might be another variable that's preventing it from working in my case; I'm not sure. Technically though, moving a directory does involve modifying it, as the inode number of the .. entry must change. – Sparkette Dec 13 '20 at 18:32
  • @flarn2006, interesting finding! That's indeed how it seems to work on Linux. On my Mac though, I can't even rename the dir without write permission to it: mkdir dir; chmod 0 dir; mv dir foo gives Permission denied, but rmdir dir still works. – ilkkachu Dec 13 '20 at 19:11
1

Can someone delete my non-empty directory from a write-all directory without having write permissions on it?

No.

Is keeping the directory non-empty and non-writable for others a safe way of preventing other users to delete the folder?

Yes.

rmdir doesn't work on non-empty directories, and without write access, they have no way of making it empty.

ilkkachu
  • 138,973
  • In a duplicate of my linked question an answerer says: "removing a file doesn't count as writing the file - it counts as writing the directory!" So there is no way of "writing" to the directory (as normal user) on a lower level? – akraf May 31 '18 at 13:30
  • @akraf, the difference here is, that you don't have a file, you have a directory. Having write access to a top-level directory doesn't translate to having write access to a subdirectory, the permissions don't work recursively. That, too, is at least partly due to the structure of the filesystem. While you can't have hard links to directories sanely, the directory itself (the inode) still doesn't really know where it is located. It might get moved, and that would mess up any recursive permissions. – ilkkachu May 31 '18 at 13:39
  • And if you need to make the directory writable for whatever reason, just add a non-writable subdirectory that isn't empty. – Sparkette Dec 13 '20 at 16:52
  • @flarn2006, you'll often want the sticky bit (+t) also to prevent users from removing files other users. It's the exception to directory write access allowing removing files. – ilkkachu Dec 13 '20 at 17:11
  • Yes, that too :) Though that alone should be enough. – Sparkette Dec 13 '20 at 18:25