You're getting into ACLs there. Basic permissions in POSIX cover read, write, and execute (plus setuid, setgid, and sticky). Modify doesn't appear in POSIX, but it does in NTFS ACLs. Getting write without read (unusual but possible) might cover this, but as PAL mentions, he is
the system. He's running as root (a security problem in itself, but if PAL is the kernel and the kernel is PAL, it's understandable), so he can change permissions as required. Programming a kernel that can't change things at will is not a trivial task.
If I show up at your door, chances are you did something to bring me there.