Differences between current version and revision by previous author of FilePermissions.
Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History
| Newer page: | version 18 | Last edited on Tuesday, February 2, 2010 12:48:21 pm | by LawrenceDoliveiro | |
| Older page: | version 16 | Last edited on Monday, April 30, 2007 6:40:54 am | by AristotlePagaltzis | Revert |
@@ -29,13 +29,13 @@
!!! Effects of permissions on directories
It's easy to understand what a particular set of permissions means for a file. On directories, it's less intuitive, so here are some explanations:
-Having __r__ead permission on a directory means that you can see the list of files in that directory. It doesn't mean anything else; in particular, it doesn't mean that you can open the files. Being able to read a directory means being able to list the files contained in the directory – no more, no less.
+Having __r__ead permission on a directory means that you can see the list of files in that directory. It doesn't mean anything else; in particular, it doesn't mean that you can open the files, or get information about them via stat(2)
. Being able to read a directory means being able to list the files contained in the directory – no more, no less.
-Having __w__rite access means that
you can
modify the directory. That means you can create or delete files or directories in it. ''You can delete a file even if you do not have any permissions to write or even read the file'' as long as you have write permission for the directory in which the file resides.
+Having __w__rite access on its own
means nothing. But together with e__x__ecute access, it allows
you to
modify the directory. That means you can create or delete files or directories in it. ''You can delete a file even if you do not have any permissions to write or even read the file'' as long as you have write and execute
permission for the directory in which the file resides.
-The e__x__ecutable permission on directories means that you may use it as part of a path. F.ex., if user <tt>bob</tt> does not have execute permission for <tt>/var/queue/joe</tt>, he will not be able to read <tt>/var/queue/joe/msg.371</tt>, even if he has read permission on the file itself.
+The e__x__ecutable permission on directories means that you may use it as part of a path. F.ex., if user <tt>bob</tt> does not have execute permission for <tt>/var/queue/joe</tt>, he will not be able to read or stat
<tt>/var/queue/joe/msg.371</tt>, even if he has read permission on the file itself.
!! Absence of read permission
If the <tt>/var/queue/joe</tt> directory from the last example has the execute permission set, but __not__ the read permission, then <tt>bob</tt> will not be able to get a directory listing. (Remember? Read permission means you can get a directory listing.) ''However'', if he knows the name of a file in that directory, eg. he knows that <tt>/var/queue/joe/msg.371</tt> exists, and he has read permission for the file itself, then he can still read the file. Also, if he has write permission to the directory, he will be able to delete <tt>/var/queue/joe/msg.371</tt>, even though he cannot get a directory listing.
