Re: directory permissions set to 600?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Robert Heller wrote:
> At Tue, 20 Jul 2010 16:57:11 -0700 CentOS mailing list <centos@xxxxxxxxxx> wrote:
> 
>>   On 07/20/10 4:54 PM, Larry Brower wrote:
>>> Ski Dawg wrote:
>>>> Hello all,
>>>>
>>>> Today, I ran across a directory in /etc/ on one of our servers whose
>>>> permissions where set to 600 (drw-------) with root being the owner.
>>>> The directory is for the firewall package for the server, so it is not
>>>> something malicious. Checking some other systems, they also have this
>>>> directory and the permissions on those servers is also 600, so it
>>>> isn't just a messed up permissions on this one machine.
>>>>
>>>> What is the difference between permissions of 600 and 700 for a
>>>> directory, that is owned by root (group root)? Is there a reason why
>>>> some directory should be set to 600 instead of 700?
>>> 600 is read and write for the owner whereas 700 is read write and
>>> execute. If there is nothing in the folder that needs to be executed
>>> than 600 would be correct.
>> um... on a directory, the X bit means you can LS the contents of the 
>> directory.   of course, root ignores this anyways and overrides it.
> 
> Note that execute access is only needed on a directory if you want to
> list its contents (eg ls).  If you know ahead of time the name of the
> file in the directory you seek to access, you don't need execute access
> on the directory.  Not having execute access on a directory keeps
> 'noisy' people from discovering the contents of the directory.  This is
> a not unreasonably security setting.
> 
>>

This is what I meant to imply, however was not clear when I responded.


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux