From 839b9c8f07286b87abd4ff8e7cbe8c6edeb659bb Mon Sep 17 00:00:00 2001
From: Bananymous <oskari.alaranta@bananymous.com>
Date: Mon, 17 Nov 2025 02:42:59 +0200
Subject: [PATCH] Kernel: Check parent's sticky bit in unlink

---
 kernel/kernel/Process.cpp | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/kernel/kernel/Process.cpp b/kernel/kernel/Process.cpp
index 301725d6..bf3d7fbe 100644
--- a/kernel/kernel/Process.cpp
+++ b/kernel/kernel/Process.cpp
@@ -1305,9 +1305,15 @@ namespace Kernel
 
 		auto [parent, file_name] = TRY(find_parent_file(fd, path, O_WRONLY));
 
-		if (TRY(parent.inode->find_inode(file_name))->mode().ifdir() != (flag == AT_REMOVEDIR))
+		const auto inode = TRY(parent.inode->find_inode(file_name));
+
+		if (inode->mode().ifdir() != (flag == AT_REMOVEDIR))
 			return BAN::Error::from_errno(flag ? EPERM : ENOTDIR);
 
+		if (parent.inode->mode().mode & Inode::Mode::ISVTX)
+			if (m_credentials.ruid() != parent.inode->uid() && m_credentials.ruid() != inode->uid())
+				return BAN::Error::from_errno(EPERM);
+
 		TRY(parent.inode->unlink(file_name));
 
 		return 0;