This is Interesting: Free Magazines for Graphics designers and webmasters  


Home > Archive > Webmaster forum > November 2006 > linux permissions queston





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author linux permissions queston
hug

2006-11-19, 7:58 pm

Suppose you have a directory /mydir which has permissions 770.

Now suppose you have a directory /mydir/subdir which has permissions
777.

Will a user who is not the owner of /mydir and not in the group
specified for /mydir be able to access /mydir/subdir?

I would expect that as one "digs" down from / at each level
permissions would be checked and if not valid the request would fail.
However, I have spent an hour digging around looking for somewhere
that says how it works with no success.

Thanks, especially if you can point me to something that gives a
definitive explanation.

--
Legacy browsers never heard of emerging standards.
(contact via http://www.ren-prod-inc.com/hug_soft)
Michael Fesser

2006-11-19, 7:58 pm

..oO(hug)

>Suppose you have a directory /mydir which has permissions 770.
>
>Now suppose you have a directory /mydir/subdir which has permissions
>777.
>
>Will a user who is not the owner of /mydir and not in the group
>specified for /mydir be able to access /mydir/subdir?

No. To enter a directory it requires a set execution bit. With 770 only
the owner and group members can enter it.

Micha
hug

2006-11-19, 7:58 pm

Michael Fesser <netizen@gmx.de> wrote:

>.oO(hug)
>
>
>No. To enter a directory it requires a set execution bit. With 770 only
>the owner and group members can enter it.
>
>Micha

Thanks Michael. Is it documented anyplace on the web?

--
Legacy browsers never heard of emerging standards.
(contact via http://www.ren-prod-inc.com/hug_soft)
Michael Fesser

2006-11-19, 7:58 pm

..oO(hug)

>Thanks Michael. Is it documented anyplace on the web?

You could try this as a starting point:

http://en.wikipedia.org/wiki/File_s...nix_permissions

Micha
mbstevens

2006-11-19, 7:58 pm

Michael Fesser wrote:

>
> No. To enter a directory it requires a set execution bit. With 770 only
> the owner and group members can enter it.

And a side note:
gFTP has to be watched very closely when you think
you're changing the permissions of a single file somewhere deep inside a
site. It will sometimes remove the execute bit of the base directory of
the whole website. The whole site becomes unreachable to visitors until
the bit is changed back. I don't know if there are other FTP clients
that can cause this confusion, but I 've moved to NCFTP, which is rock
solid.


Toby Inkster

2006-11-19, 7:58 pm

hug wrote:

> Thanks, especially if you can point me to something that gives a
> definitive explanation.

Ummm... why not try it and find out?

[ti@ophelia (pts/2) ~]$ mkdir -p TEST/TEST2
[ti@ophelia (pts/2) ~]$ chmod 770 TEST
[ti@ophelia (pts/2) ~]$ chmod 777 TEST/TEST2
[ti@ophelia (pts/2) ~]$ su - tai
Password:
[tai@ophelia (pts/2) ~]$ cd ~ti/TEST/TEST2
/home/ti/TEST/TEST2: Permission denied.
[tai@ophelia (pts/2) ~]$ exit
logout
[tai@ophelia (pts/2) ~]$

(I have two accounts on my machine -- "ti" for work, and "tai" for
other.)

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact

freemont

2006-11-19, 7:58 pm

On Tue, 14 Nov 2006 15:54:52 +0000, Toby Inkster writ:

> hug wrote:
>
>
> Ummm... why not try it and find out?
>
> [ti@ophelia (pts/2) ~]$ mkdir -p TEST/TEST2
> [ti@ophelia (pts/2) ~]$ chmod 770 TEST
> [ti@ophelia (pts/2) ~]$ chmod 777 TEST/TEST2
> [ti@ophelia (pts/2) ~]$ su - tai
> Password:
> [tai@ophelia (pts/2) ~]$ cd ~ti/TEST/TEST2
> /home/ti/TEST/TEST2: Permission denied.
> [tai@ophelia (pts/2) ~]$ exit
> logout
> [tai@ophelia (pts/2) ~]$
>
> (I have two accounts on my machine -- "ti" for work, and "tai" for
> other.)
>

How come it left you with tai's prompt after exit? :-/

--
"Because all you of Earth are idiots!"
¯`ˇ..ˇ¯`ˇ-> freemontŠ <-ˇ¯`ˇ..ˇ¯
Toby Inkster

2006-11-19, 7:58 pm

freemont wrote:

> How come it left you with tai's prompt after exit? :-/

Copy and paste error. :-(

I actually tried a few other methods of getting into the directory, but
they all came to the same result, so snipped them out.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact

freemont

2006-11-19, 7:58 pm

On Tue, 14 Nov 2006 18:59:30 +0000, Toby Inkster writ:

> freemont wrote:
>
>
> Copy and paste error. :-(

Whew! I was afraid it might be yet another 2007 eccentricity.

--
"Because all you of Earth are idiots!"
¯`ˇ..ˇ¯`ˇ-> freemontŠ <-ˇ¯`ˇ..ˇ¯
hug

2006-11-19, 7:58 pm

Toby Inkster <usenet200611@tobyinkster.co.uk> wrote:

>hug wrote:
>
>
>Ummm... why not try it and find out?
>
> [ti@ophelia (pts/2) ~]$ mkdir -p TEST/TEST2
> [ti@ophelia (pts/2) ~]$ chmod 770 TEST
> [ti@ophelia (pts/2) ~]$ chmod 777 TEST/TEST2
> [ti@ophelia (pts/2) ~]$ su - tai
> Password:
> [tai@ophelia (pts/2) ~]$ cd ~ti/TEST/TEST2
> /home/ti/TEST/TEST2: Permission denied.
> [tai@ophelia (pts/2) ~]$ exit
> logout
> [tai@ophelia (pts/2) ~]$
>
>(I have two accounts on my machine -- "ti" for work, and "tai" for
>other.)

Thanks Toby.

--
Legacy browsers never heard of emerging standards.
(contact via http://www.ren-prod-inc.com/hug_soft)
Sponsored Links


Copyright 2003 - 2008 forum4designers.com  Software forum  Computer Hardware reviews