I noticed a weird behavior that doesn't fit my understanding of the semantics of the sticky bit. I want a process that runs as root to modify a file in the /tmp directory created by a non-privileged user. The sticky bit is set it in /tmp per the usual convention. Weirdly, I am finding that root can delete files that unprivileged users create in /tmp, but it cannot modify them.
Here is an example to illustrate the problem. First, shell commands to run as an unprivileged user foo:
cd /tmp
touch bar
ls -la
Truncated output looks like this:
total 8.0K
drwxrwxrwt 5 root root 140 Feb 21 14:00 .
drwxrwxrwx 19 root root 4.0K Feb 20 17:06 ..
-rw-r--r-- 1 foo foo 0 Feb 21 14:00 bar
Now, if I try to open bar for writing (as "wb") in a process that is run by root, a permissions error is raised. Here is a minimal example in python- run sudo python, then:
Python 3.10.2 (main, Dec 16 2022, 11:54:37) [GCC 10.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> open('bar', 'wb')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
PermissionError: [Errno 13] Permission denied: 'bar'
Yet if I run sudo rm bar, it doesn't fail to delete the file. Is this behavior expected, or is there a bug somewhere that I am running into? Note that opening a file as "wb" in C also fails with a permissions error, this is how I discovered the issue initially. I am just using python to illustrate the problem.
