Home / ubuntu / Questions / 140069
In Process
tuks
Asked: 2012-05-21 20:00:30 +0800 CST

Firefox deletes root protected files?

  • 772

When Firefox starts, it creates two files in the user settings directory: places.sqlite-shm and places.sqlite-wal and deletes them upon exit.

Just for the experiment, I set the permissions of those files so that only root can read/write them. But when I closed Firefox, those files got deleted! How is that possible? Firefox is not running with root permissions...

Don't ask me why I'm doing this, I'm just curious

firefox

3 Answers

  1. A user with write permission on a directory can delete any file within that directory, unless the directory has the "sticky" bit set (as is commonly set on /tmp).

    In addition, the owner of a directory can delete any file within that directory, regardless of sticky bit or other permissions.

    The "sticky" bit when set on a directory is sometimes referred to as the "restricted deletion flag".

    If you'd like to prevent your user from being able to delete those files, set the parent directory's sticky bit:

    chmod +t some-directory-name

    After that, you'll also need to change ownership on the directory (you'll need to do this as root):

    sudo chown root some-directory-name

    You'll want to ensure that your user can still write to that directory, if losing ownership left your user without write access, you can either grant write access to "other":

    sudo chmod o+rwx some-directory-name

    Or you can ensure your group has access:

    sudo chgrp yourgroup some-directory-name
sudo chmod g+rwx some-directory-name

    (Group ownership is not enough to give you the ability to delete the root-owned files.)

    Good luck in your adventures, whatever they may be.

    • 10

  2. To delete a file you only need write and execute permission to the folder that holds the file. The permissions of the file itself don't matter.

    • 0

  3. Because you can delete files within directories based on the permissions of the directory.

    http://www.tuxfiles.org/linuxhelp/filepermissions.html

    Read permission. On a regular file, the read permission bit means the file can be opened and read. On a directory, the read permission means you can list the contents of the directory.

    Write permission. On a regular file, this means you can modify the file, aka write new data to the file. In the case of a directory, the write permission means you can add, remove, and rename files in the directory. This means that if a file has the write permission bit, you are allowed to modify the file's contents, but you're allowed to rename or delete the file only if the permissions of the file's directory allow you to do so.

    Execute permission. In the case of a regular file, this means you can execute the file as a program or a shell script. On a directory, the execute permission (also called the "search bit") allows you to access files in the directory and enter it, with the cd command, for example. However, note that although the execute bit lets you enter the directory, you're not allowed to list its contents, unless you also have the read permissions to that directory.

    • 0