Robert Heller wrote:
> At Tue, 20 Jul 2010 16:57:11 -0700 CentOS mailing list <centos@xxxxxxxxxx> wrote:
>
>> On 07/20/10 4:54 PM, Larry Brower wrote:
>>> Ski Dawg wrote:
>>>> Hello all,
>>>>
>>>> Today, I ran across a directory in /etc/ on one of our servers whose
>>>> permissions where set to 600 (drw-------) with root being the owner.
>>>> The directory is for the firewall package for the server, so it is not
>>>> something malicious. Checking some other systems, they also have this
>>>> directory and the permissions on those servers is also 600, so it
>>>> isn't just a messed up permissions on this one machine.
>>>>
>>>> What is the difference between permissions of 600 and 700 for a
>>>> directory, that is owned by root (group root)? Is there a reason why
>>>> some directory should be set to 600 instead of 700?
>>> 600 is read and write for the owner whereas 700 is read write and
>>> execute. If there is nothing in the folder that needs to be executed
>>> than 600 would be correct.
>> um... on a directory, the X bit means you can LS the contents of the
>> directory. of course, root ignores this anyways and overrides it.
>
> Note that execute access is only needed on a directory if you want to
> list its contents (eg ls). If you know ahead of time the name of the
> file in the directory you seek to access, you don't need execute access
> on the directory. Not having execute access on a directory keeps
> 'noisy' people from discovering the contents of the directory. This is
> a not unreasonably security setting.
>
>>
This is what I meant to imply, however was not clear when I responded.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
