
Re: Directory and file permissions



On Wed, Dec 08, 2010 at 07:17:41AM EST, Lisi wrote:
> My google foo seems to have deserted me completely.  Could someone take 
> pity? :-(
> 
> Is it possible for a directory to have lower permissions than the files it 
> contains?  And could those who have permissions for the files, but not the 
> directory, gain access to the files?
> 
> My instinct says no.  But it would not be for the first time if my instinct is 
> wrong.
> 
> Thanks for any help anyone feels able to give,

There's the case where you only set the ‘x’ flag for group & other:

$ mkdir /tmp/t
$ chmod go-rw /tmp/t
$ ls -alchd /tmp/t
drwx--x--x 2 me me 4.0K 2010-12-08 08:33 /tmp/t
$ echo 'xxx' > /tmp/t/x.txt
$ ls -alch /tmp/t
-rw-r--r--  1 me me  4 2010-12-08 08:45:47.000000000 -0500 x.txt
$ chmod ugo+rwx /tmp/t/x.txt
$ ls -alch /tmp/t
-rwxrwxrwx  1 me me  4 2010-12-08 08:45:47.000000000 -0500 x.txt

Now user ‘her’ can cd to /tmp/t/ but cannot ‘ls’ its contents.

Even bash tab completion will refuse to yield any of the directory's
secrets.

So if ‘her’ knows that there is a file named ‘x.txt’ in there, she can
list or modify its contents, execute it if something executable lives in
there. 

What ‘her’ cannot do is anything that would require read or write
permissions to the /tmp/t directory, such as list (ls) or change (rm,
mv..) its contents.

With the above scenario, the directory has lower permissions than the
files it contains and ‘those who have permissions’ - everybody in this
instance - to the files can ‘gain access’ to the files (rw access).

Barring any typos and stuff, the above should be correct, but if you
google for ‘linux file permissions’ you shall come up with clearer and
likely more reliable explanations.

What I do not know is why this was thus designed, except perhaps to
confuse the likes of me..

cj
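
An audit for the situation described in the message above, as an added example that is not part of the original post: it lists regular files that grant some permission to "other" and sit directly in a directory that "other" may search (x) but not list (r), so the only thing keeping them private is that their names are not known. The function names and the sample tree are constructed for illustration, and find's -maxdepth (GNU, BSD, BusyBox) is assumed to be available.

```shell
#!/bin/sh
# exposed_files ROOT
# Print every regular file under ROOT that has at least one "other"
# permission bit set and whose parent directory is o+x but not o+r.
# Ancestor directories above the parent are not checked.
exposed_files() {
    find "$1" -type d -perm -001 ! -perm -004 -exec sh -c '
        for d in "$@"; do
            find "$d" -maxdepth 1 -type f \
                \( -perm -004 -o -perm -002 -o -perm -001 \) -print
        done' sh {} +
}

# demo: build a constructed tree that mirrors the post and audit it.
demo() {
    tmp=$(mktemp -d) || return 1
    (
        cd "$tmp" || exit 1
        mkdir t open
        echo 'xxx' > t/x.txt
        echo 'yyy' > t/private.txt
        echo 'zzz' > open/z.txt
        chmod 711 t              # drwx--x--x, as in the post
        chmod 777 t/x.txt        # world rwx file inside the search-only dir
        chmod 600 t/private.txt  # no "other" bits: not reported
        chmod 755 open           # listable directory: not reported
        chmod 644 open/z.txt
        exposed_files .
    )
    rc=$?
    rm -rf "$tmp"
    return "$rc"
}

demo
```

Only t/x.txt is reported: t/private.txt carries no "other" bits, and open/ is listable, so nothing in it depends on its name staying unknown.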


