Understanding file permissions issue
 

I'm a newb and am trying to understand the following scenario, where I create a file as root and take over ownership as a regular user, which I wouldn't think I should be able to do. Recreation:

1. [root@mybox test]#touch root.txt
2. [root@mybox test]#chmod 700 root.txt
3. Log in on another tty as regular user "reguser".
4. [reguser@mybox test]#vi root.txt
5. I can edit the file, then try to save with :wq and get warned that file is read-only.
6. I am prompted to overwrite with !, so I enter :wq!
7. [reguser@mybox test]$ ls -l shows that reguser now owns root.txt

What gives? I can take over any root-owned file with a regular user? Yes, the directory /test that I am in is public.

I guess it's in the owning directory permissions. After taking off the write bit for world in the owning directory I can no longer change the file. I had not realized that it doesn't make any difference how restrictive the file permission is if the owning directory's permissions were completely permissive.

Vim deleted the old file and created a new one. Deleting a file is an operation on the directory. So if you can write to the directory, you can delete a file, even one owned by root. The sticky bit on a directory is used to prevent one user from deleting another users files.

However, vim should not have been able to read the contents of the file if it was owned & group owned by root and had only root read rights.