Why can I delete the file of another user given 640 permission and sticky bit?
I want to have a shared folder /data where multiple users can put their datasets to be used by others. I've followed the instructions in this answer, so now I have:
ciprian@server /data $ ll .. | grep data
drwxrwsr-t 3 ciprian datasets 4096 Apr 28 09:53 data
ciprian@server /data $ ll
total 4
-rw-r----- 1 stan datasets 0 Apr 28 09:53 stan-test
drwxr-s--- 2 ciprian datasets 4096 Apr 28 09:27 tdir
-rw-r----- 1 ciprian datasets 0 Apr 28 09:26 cip-test
So both users stan and ciprian have a test file, with owner $USER:datasets and 0640 permission. The parent directory /data belongs to ciprian:datasets and has permission 3775/drwxrwsr-t. If I understand correctly, this means all files created will belong to group datasets and can only be deleted by their respective owner. In addition, given that each file has 0640 permission, users can read each other's files, but not write them (6 4 0).

So why can ciprian remove stan-test?

Note that stan cannot remove cip-test, as they get an 'Operation not permitted' error.

Is it because ciprian is owner of /data?
You found the answer yourself; it's in the last paragraph. I looked up Wikipedia and found:
"only the file's owner, the directory's owner, or root can rename or delete the file".
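The rule quoted in the answer, applied to the listing from the question, as an added example that is not part of the original post or answer. The script parses `ls -l` style lines into mode bits and owner/group, then models the two checks the kernel performs on unlink: write and search permission on the directory, and, when the directory has the sticky bit, the owner rule (file owner, directory owner, or root). The group membership table and the listing are constructed from the question; the function names are assumptions, not a real API.

```python
"""Model of the unlink permission check for a sticky-bit directory.

Added example, not part of the original question or answer. Parses
`ls -l` lines like those in the question and applies the rule the
answer quotes: in a sticky directory only the file's owner, the
directory's owner, or root may remove a file.
"""
import stat
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed from the question: both users are members of `datasets`.
GROUPS = {"ciprian": {"datasets"}, "stan": {"datasets"}, "root": set()}

# Listing copied from the question (the `ll` output for /data and its parent).
LISTING = """\
drwxrwsr-t 3 ciprian datasets 4096 Apr 28 09:53 data
-rw-r----- 1 stan datasets 0 Apr 28 09:53 stan-test
-rw-r----- 1 ciprian datasets 0 Apr 28 09:26 cip-test
"""


@dataclass
class Entry:
    name: str
    mode: int      # permission bits in st_mode layout, incl. setuid/setgid/sticky
    owner: str
    group: str
    is_dir: bool


def parse_ls_line(line: str) -> Entry:
    """Parse one `ls -l` line with a symbolic mode into an Entry."""
    perm, _links, owner, group, _size, _mon, _day, _time, name = line.split(None, 8)
    is_dir = perm[0] == "d"
    bits = 0
    flags = [stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR,
             stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP,
             stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH]
    # Any non '-' character in an rwx slot sets that bit (s/t imply x too).
    for ch, flag in zip(perm[1:10], flags):
        if ch != "-":
            bits |= flag
    # 's' in the user/group execute slot = setuid/setgid, 't' in the other
    # execute slot = sticky. Uppercase means the execute bit itself is off.
    for pos, special, xbit in ((3, stat.S_ISUID, stat.S_IXUSR),
                               (6, stat.S_ISGID, stat.S_IXGRP),
                               (9, stat.S_ISVTX, stat.S_IXOTH)):
        if perm[pos] in "sStT":
            bits |= special
            if perm[pos].isupper():
                bits &= ~xbit
    return Entry(name, bits, owner, group, is_dir)


def has_access(user: str, entry: Entry, want: int) -> bool:
    """Classic owner/group/other check; `want` is an S_I?OTH bit (r, w or x)."""
    if user == "root":
        return True
    if user == entry.owner:
        return bool(entry.mode & (want << 6))
    if entry.group in GROUPS.get(user, set()):
        return bool(entry.mode & (want << 3))
    return bool(entry.mode & want)


def can_unlink(user: str, directory: Entry, target: Entry) -> Optional[str]:
    """Return None if `user` may unlink `target` from `directory`, else the refusal.

    Mirrors the kernel's order: first write+search on the directory (EACCES),
    then the sticky-bit owner rule (EPERM). The file's own 0640 mode plays no
    part, which is why read-only access to a file does not protect it here.
    """
    if not (has_access(user, directory, stat.S_IXOTH)
            and has_access(user, directory, stat.S_IWOTH)):
        return "Permission denied (no write+search on directory)"
    if directory.mode & stat.S_ISVTX and user not in (target.owner, directory.owner, "root"):
        return "Operation not permitted (sticky bit)"
    return None


def check_all() -> Dict[Tuple[str, str], Optional[str]]:
    """Evaluate every user/file pair from the question against /data."""
    entries = {e.name: e for e in map(parse_ls_line, LISTING.splitlines())}
    data = entries["data"]
    return {(u, f): can_unlink(u, data, entries[f])
            for u in ("ciprian", "stan")
            for f in ("stan-test", "cip-test")}


if __name__ == "__main__":
    for (user, fname), verdict in check_all().items():
        print(f"{user:8} rm {fname:10} -> {verdict or 'allowed'}")
```

Running it reproduces the question's observation: ciprian may remove stan-test because ciprian owns /data, while stan is refused on cip-test by the sticky-bit rule. Giving the directory to root (or a dedicated account) instead of a regular user removes that exception.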