I read this article in https://en.bitcoin.it/wiki/Transaction

P2PKH uses :

scriptSig is supplied by the redeemer. scriptPubKey is from the referred previous transaction.

For example. i send bitcoin to the recipient using the pubkeyHash of the recipient. Because the redeeming condition requires the pubKey and the sig, does it mean anyone with the pubKey and sig can redeem the bitcoin?