Re: directory permissions set to 600?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, Jul 20, 2010 at 07:36:17PM -0700, Gordon Messmer wrote:
> 
> You and John are both incorrect.  Read access is sufficient to get a 
> list of files and directories in a given directory.  The execute bit on 
> a directory is required to access the directory's contents.  If a 
> directory is 'rw-' for a user (other than root), the user can get a list 
> of its contents using 'ls'.  However, since the contents are not 
> available, the user cannot stat() the names to determine what type of 
> file they are, their size, their owner/group, etc.  The user will also 
> not be able to chdir to a sub-directory without execute access.

IOW, ls will work fine, but ls -l will not.  (To be specific, a plain
old /bin/ls will work fine.  If you have any ls options that need to read
the contents of the directory, like -l or -F, it'll b0rk.)

On Tue, Jul 20, 2010 at 11:20:57PM -0400, Stephen Harris wrote:
> 
> Basically nothing non-root running will work properly on these machines.
> And if everything is designed to run as root then the architect has
> shown other issues.  "root" is the user of last recourse on a properly
> managed server.

If it's an embedded server, like a home wifi router device, running
everything as root isn't such a big deal.  If it's a real server it's in
deep trouble.

--keith

-- 
kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx

Attachment: pgpwMr426vbef.pgp
Description: PGP signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux