😤I Had Write Permissions... So Why Was Linux Saying "No"?

🧠 “If I have write access to a file, I should be able to write to it… right?”

That’s what I thought. Until Linux roundhouse kicked me in the brain.

🎯 The Setup — HTB: Traverxec

I was knee-deep in the Traverxec box on Hack The Box. You know, that one with some misconfigured nostromo web server and a classic privilege escalation path. Things were going smoothly. Too smooth.

I landed a shell as david. Did some recon. Crawled into the /home/david/bin directory — jackpot.

I found a file:

Looked promising. Maybe some crontab magic? Maybe I can inject a command and get root? Let’s gooo.

I checked permissions:

Full permissions. Owned by me. Hell yeah.

I tried a quick test:

💥 BOOM. No wait. Not boom. Smack.

🧪 Sanity Check

Hold up. I checked again:

• ✅ File owned by david

• ✅ rwx permissions

• ✅ I'm logged in as david

• ❌ Can't write, rename, delete, chmod, or even echo into it

It felt like I was trying to write to a ghost.

🔍 The Sherlock Moment (aka: Googling Like a Madman)

At this point, I was questioning everything. My permissions were correct. I owned the file. The command syntax was fine. So why the hell was Linux stonewalling me?

So, I did what any respectable hacker does in a crisis: I Googled. Hard.

And after sifting through a dozen StackOverflow posts, some outdated forums, and a Reddit thread titled “WTF is this i thing in lsattr?” — I had my answer.

I found out about lsattr, a command that shows file attributes at the filesystem level, not just the usual ls -la stuff.

I ran:

And there it was, hiding in plain sight:

That i stands for immutable.

This little gremlin of a flag meant the file was locked down so hard that even root couldn’t touch it without removing the bit first.

It was like Linux was saying:

"Oh, you thought you were in charge? That’s cute."