[Bug 788468] Re: rm manages to remove files owned by root without sudo
Launchpad Bug Tracker
788468 at bugs.launchpad.net
Tue Feb 28 15:23:43 UTC 2012
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: sudo (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/788468
Title:
rm manages to remove files owned by root without sudo
Status in “sudo” package in Ubuntu:
Confirmed
Bug description:
To reproduce:
volodya at gnome:~$ sudo touch bla
volodya at gnome:~$ ls -l bla
-rw-r--r-- 1 root root 0 2011-05-26 08:17 bla
volodya at gnome:~$ rm bla
rm: remove write-protected regular empty file `bla'? y
volodya at gnome:~$ ls -l bla
ls: cannot access bla: No such file or directory
What i expect to see:
rm command should not be able to remove files which are owned by root without root login
Note:
I have tried to remove from /bin/ directory, and i do see that there it generates an error
volodya at gnome:/bin$ rm more
rm: remove write-protected regular file `more'? y
rm: cannot remove `more': Permission denied
However, this is insufficient. Root owned files within home directory should also be protected from deletion.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/788468/+subscriptions
More information about the foundations-bugs
mailing list