Even though a file is held by root and has 700 rights, if the root user saves it in another user's home directory or any other directory owned by another user, that user can remove the file.
Example:
root@workstation:/home/otheruser# ls -la total 8 drwxr-xr-x 2 otheruser otheruser 4096 Jul 28 11:52 . drwxr-xr-x 3 root root 4096 Jul 28 11:51 .. -rwx------ 1 root root 0 Jul 28 11:52 root_users_file
I may now remove the file by suing to "otheruser," because "otheruser" is the owner of the directory where "root users file" is stored:
root@workstation:/home/otheruser# su otheruser $ rm root_users_file rm: remove write-protected regular empty file `root_users_file'? y
Now to protect the file from being deleted, use the command chattr +i:
chattr +i root_users_file
and then try again to delete the file as "otheruser", the action will be denied:
root@workstation:/home/otheruser# su otheruser $ rm root_users_file rm: remove write-protected regular empty file `root_users_file'? y rm: cannot remove `root_users_file': Operation not permitted
Now even the root user is not able to delete or edit the file anymore. With the command chattr -i the protection can be removed:
chattr -i root_users_file
