On Wed, May 24, 2017 at 8:23 PM, Mark Longridge <cubexyz@gmail.com> wrote:

Ok, I just did an experiment with the rm command and the results surprised me.

On Unix v5 logged in as root I created a small test file then did
chmod 444 on it. Unfortunately it appears that mere users can still rm
the file and also directories are not safe from the rmdir command
(even directories set to mode 444).

This seems to be the case for v6 and v7 as well.

To be fair rm will prompt the user with: test1: 0100444 mode
but the user only has to type y and hit enter and the file is toast.

Is there no way to completely protect files from being deleted?

Yes, these are the normal semantics, even on modern systems. If you want to prevent a user from removing a file, remove the user's write permission to the directory containing the file. Recall that a "file" in the removable sense is really a directory entry that points to the inode that represents the real file; to remove that, one must modify the directory to remove the directory entry. The permissions on the file itself don't matter since removal isn't an operation on the contents of the file; the only thing it does to the actual file is update the link count in the inode.

- Dan C.