Here is a case I don’t understand.
I have a group bar, and this group has two users; foo and bar.
I have a test.txt file, foo is the owner and bar user only can read it.
However, if bar user run the gzip command to this file, the ownership changes from foo to bar.
Therefore, foo cannot touch this file any more.
Is this a security hole?
Logged in as bar
$ whoami
bar
$ cd /home/foo/test
$ ls -al
total 8
drwxrwxr-x 2 foo bar 4096 Jan 6 15:48 .
drwxrwxr-- 5 foo bar 4096 Jan 6 15:48 ..
-rwxr-xr-x 1 foo foo 0 Jan 6 15:48 test.txt
$ gzip test.txt
$ ls -al
total 12
drwxrwxr-x 2 foo bar 4096 Jan 6 15:50 .
drwxrwxr-- 5 foo bar 4096 Jan 6 15:48 ..
-rwxr-xr-x 1 bar bar 29 Jan 6 15:48 test.txt.gz
$ uname -a
Linux 2.6.18-xenU-ec2-v1.2 #2 SMP x86_64 x86_64 x86_64 GNU/Linux
Logged in as a foo:
$ whoami
foo
$ touch test.txt.gz
touch: cannot touch `test.txt.gz': Permission denied
Best Answer
Its not a security hole. Gzip creates a new file and removes the old one. This is governed by the directory permissions and not the permissions on the file. If you remove write permission from the directory your test.txt will be safe from user bar.
The full process with respect to security looks like this: