Linux file permissions. How regular user can edit content of root file with permisions 644

[DanKoLinux]

One thing confuses me about file permissions in Linux.
root creates file root_file_644 with 644 permissions in user Alis home dir. So as I know Alis can delete this file root_file_644 , as Alis is owner of dir /home/Alis and acording to linux permissions file deletion operation is dir operation, but Alis can't append contents to this file.

But on screenshot below you can see that Alis can change file owner of root file(file root_file_644) and appends contents to this file.
I supose that vi at first opened root_file_644 with read permission, after edit content in a buffer, and then creates new file(owned by Alis, but named as old root file - root_file_644) and delete root old file root_file_644. But the inode number of old(root file) and new(Alis files) is the same.

 

[gvisoc]

This looks like a homework question, but anyway.

It is using a vi trick that opens a shell, from where you can escalate permissions... if Alis happens to be the same person as root, or if Alis is in the sudoers group.

I'll let you search, read and experiment with it.

 

[gvisoc]

I mean, it's not that trick but a known feature:

 

[DanKoLinux]

Alis isn't able to run sudo neither in wheel group or any other with privileges to ru sudo.

 

[gvisoc]

Then alis knows the root password, so she's the root user. Sudo and sudoers is just a path.