Very important Unix concept: the ability to write to a file (including deleting the contents) is controlled by the FILE's permission. But the ability to delete, move or rename a file has absolutely nothing to do with the FILE's permissions. Put it another way: the existence of a file completely depends on the permissions of the directory, not the file!
For example, create a directory owned by root with 755 permissions. Then touch a file inside the directory and give it 666 permissions. Now as an ordinary user, you can do anything to the file EXCEPT remove it! The directory permissions control the existence, while the file permissions control the contents. Set the directory ownership to the user that can actually remove the file and you've protected the file(s).
As mentioned the sticky bit may be set on a globally writable directory such as /tmp (normally 777 permission, set sticky with 1777 permissions) and this will disable the ability of everyone except the owner of the file from removing the file. Now the file can be 666 permissions and the contents changed by anyone but not removed (or renamed) except by the owner. This is commonly done for /tmp and /var/tmp
Bill Hassell, sysadmin
