On Mon, Jan 01, 2018 at 05:23:29AM -0600, Richard Owlett wrote:
> As user "richard" I created 3 files.
> I later wanted to protect them totally from accidental change.
> For each file, I went to Properties->Permissions and changed Access for
> Owner, Group, and Others to "Read Only".
> As user "richard" I was able to delete them with Caja.
> *UNDESIRABLE*
> As "root" I changed Owner and Group to "root" leaving Access for all as
> "Read Only".
> 
> User "richard" could still *DELETE THEM*!
> "Read Only" evidently does not mean what it implies.
> 
> What's happening?
> TIA
> 
By any chance did user richard own the directory they were in?

I think the logic here is that deleting a file involves writing to the 
directory the file is in, so if you have privileges to (for example 
ownership of) the directory, yes you'd be able to delete it.

I'd further postulate that in your scenario when the file was owned by 
root but the directory was owned by richard, richard would not have been 
able to append to or shorten the file -- because that would have 
involved writing to the file which richard did not have permissions to 
do.

Mark
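
Added example, not part of the original thread: a shell script that reproduces the behaviour discussed above in a scratch directory, showing that a read-only file can still be deleted while its directory is writable. The names `demo_dir` and `notes.txt` are made up for the demo, and it assumes an ordinary (non-root) user, since root bypasses these checks.

```shell
#!/bin/sh
# Constructed demo; demo_dir and notes.txt are made-up names.
# Run as an ordinary user: root bypasses these permission checks.

# Run a command quietly and report whether the kernel permitted it.
try() {
    if "$@" >/dev/null 2>&1; then echo allowed; else echo denied; fi
}

# Appending opens the file for writing, so the FILE's mode bits apply.
append_to() { printf 'more\n' >> "$1"; }

perm_demo() {
    tmp=$(mktemp -d) || return 1
    dir="$tmp/demo_dir"
    file="$dir/notes.txt"
    mkdir "$dir" && echo "original" > "$file" || return 1

    chmod 444 "$file"   # "Read Only" for owner, group and others
    echo "append_readonly_file=$(try append_to "$file")"

    # Deleting edits the directory's list of names, so the DIRECTORY's
    # write bit decides; the file's own mode bits are not consulted.
    chmod 555 "$dir"    # directory itself made read-only
    echo "delete_in_readonly_dir=$(try rm -f "$file")"

    chmod 755 "$dir"    # directory writable by its owner again
    echo "delete_in_writable_dir=$(try rm -f "$file")"

    rm -rf "$tmp"
}

perm_demo
```

For an ordinary user the three results are denied, denied, allowed, in that order. Removing write permission from the directory, not from the file, is what blocks the deletion.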
