Robert Heller wrote: > At Tue, 20 Jul 2010 16:57:11 -0700 CentOS mailing list <centos@xxxxxxxxxx> wrote: > >> On 07/20/10 4:54 PM, Larry Brower wrote: >>> Ski Dawg wrote: >>>> Hello all, >>>> >>>> Today, I ran across a directory in /etc/ on one of our servers whose >>>> permissions where set to 600 (drw-------) with root being the owner. >>>> The directory is for the firewall package for the server, so it is not >>>> something malicious. Checking some other systems, they also have this >>>> directory and the permissions on those servers is also 600, so it >>>> isn't just a messed up permissions on this one machine. >>>> >>>> What is the difference between permissions of 600 and 700 for a >>>> directory, that is owned by root (group root)? Is there a reason why >>>> some directory should be set to 600 instead of 700? >>> 600 is read and write for the owner whereas 700 is read write and >>> execute. If there is nothing in the folder that needs to be executed >>> than 600 would be correct. >> um... on a directory, the X bit means you can LS the contents of the >> directory. of course, root ignores this anyways and overrides it. > > Note that execute access is only needed on a directory if you want to > list its contents (eg ls). If you know ahead of time the name of the > file in the directory you seek to access, you don't need execute access > on the directory. Not having execute access on a directory keeps > 'noisy' people from discovering the contents of the directory. This is > a not unreasonably security setting. > >> This is what I meant to imply, however was not clear when I responded. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos