Delete files owned by root, without being root

13 points by mustpax almost 13 years ago

7 comments

NelsonMinar almost 13 years ago
Maybe my brain has been twisted by too many years of using Unix, but that's exactly how it's supposed to work. "rm" is really editing the directory, not the file, so the owner of the directory is what matters. The file may not actually even be deleted; if there's a hard link to it from another directory the file will still be there in the other places. inodes are awesome.
saurik almost 13 years ago
If you leave a locked safe in my locked house, I cannot open the safe but I can easily dispose of it. I would argue that this behavior is intuitive.
majke almost 13 years ago
Relevant `unlink` attack: http://lcamtuf.coredump.cx/tmp_paper.txt
zdw almost 13 years ago
If you want to modify this behavior, ACLs or "Extended Attributes" are your friends: http://en.wikipedia.org/wiki/Extended_file_attributes
See also the "chattr" or "xattr" commands, depending on your Unix variant.
wglb almost 13 years ago
And this is common knowledge.
makomk almost 13 years ago
This is of course intentional. As far as I can tell, though, you can't delete a non-empty subdirectory owned by root containing files that are also owned by root, even if you own the directory containing that subdirectory. In order to delete the subdirectory you need to delete the files in it, and you can't do that unless you have permission to modify that subdirectory.
gaving almost 13 years ago
Delete files in directory owned by root, without being root: http://en.wikipedia.org/wiki/Sticky_bit
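
Added example, not part of the thread or any commenter's post: a small audit helper that applies the rule discussed above (unlink is decided by the parent directory's write and search bits, narrowed by the sticky bit) to report whether a given uid could delete a path. The name `can_unlink` is hypothetical, and the check assumes classic mode bits only: it ignores ACLs, immutable flags set with `chattr`, capabilities, and read-only mounts.

```python
import os
import stat
import sys


def can_unlink(path, uid, gids=()):
    """Return True if `uid` (with supplementary `gids`) may unlink `path`,
    judged only from the mode bits of the parent directory.

    Assumption: ACLs, immutable attributes and capabilities are not checked.
    """
    if uid == 0:
        return True  # root bypasses mode-bit checks
    parent = os.path.dirname(os.path.abspath(path))
    d = os.lstat(parent)   # the directory entry is what gets edited
    f = os.lstat(path)     # the file's owner only matters under the sticky bit

    # Select the permission triplet that applies to this uid on the directory.
    if uid == d.st_uid:
        bits = d.st_mode >> 6
    elif d.st_gid in gids:
        bits = d.st_mode >> 3
    else:
        bits = d.st_mode

    # Removing a name needs write (2) and search (1) on the directory.
    # The file's own mode and owner play no part in this step.
    if bits & 0o3 != 0o3:
        return False

    # Sticky directory (e.g. mode 1777): only the file's owner or the
    # directory's owner may remove the entry.
    if d.st_mode & stat.S_ISVTX:
        return uid in (f.st_uid, d.st_uid)
    return True


if __name__ == "__main__":
    # Usage: script.py PATH...  reports the answer for the current user.
    for p in sys.argv[1:]:
        ok = can_unlink(p, os.geteuid(), os.getgroups())
        print(f"{p}: {'deletable' if ok else 'protected'} for uid {os.geteuid()}")
```

Running it over files in a shared directory shows which ones rely on the sticky bit alone for protection against deletion by other local users.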