Do I correctly understand permission to directories in Linux/Unix?

4

3

Do I correctly understand permission to directories in Linux/Unix?

  1. If your directory has only r (read) permission you are allowed to see the content of the directory (which files are located there) but you cannot do it because you cannot go (cd) to this directory (because of the absence of x permissions). You also cannot see the content of the directory (which files are located there) from outside of the directory (for example by ls directoryname/*). You also will be unable to read (see) content of files located in such a directory using cat and more commands (even if you have permissions to read these files). You also will be unable to modify (write) files (even if you have write permissions to them) if these files are located in such a directory (no matter what you try cat >>, echo >>, cp or some text editor). So, from my point of view, to have only r permissions to a directory is equivalent to having absolutely no permissions to the directory.

  2. If your directory has only x (execute) permissions you are allowed to go (cd) into the directory but you are not allowed to see (ls) the content of the directory (because you do not have permissions to read the directory). If a directory has only x permission and it contains a file for which you have r (read) and w (write) permissions, you still well be unable to open this file with (at leas some) text editors (for example mcedit). But you will be able to read context of the file using such commands as cat or more. You alls will be able to modify content of the file using echo >> or cat >>. So, it seems to me, that it is x what allows users to "read" and "write" existing files in the directory (if files have the corresponding permissions too).

  3. If a directory has r and x permissions but no w (write) permissions, you cannot change content of the directory (set of files which are located there). For example you cannot create a new file there or remove existing in the directory. But you still are allowed to change content of existing files. So, you need w permissions to create or remove files in the directory.

    Added:

  4. It is also interesting to mention that w permission to the directory is necessary but not sufficient to create and delete files in the directory. If a directory has only w permission you will be unable to add/remove files from/to the directory. To be able to do so, you need to have x permission to the directory (additionally to w permission).

Roman

Posted 2010-02-28T18:53:38.207

Reputation: 375

You can think of the directory as a file, which is ``edited'' when you add/remove files from the directory. – casualuser – 2010-02-28T21:52:36.880

Answers

2

The question says:

If your directory has only "r" (read) permission you are allowed to see the content of the directory (which files are located there) but you cannot do it because you cannot go ("cd") to this directory (because of the absence of "x" permissions).

Yes, you can do it, you can see the list of files that are contained by the directory:

$ mkdir mydir
$ echo text > mydir/myfile
$ chmod a-wx mydir
$ ls -lA
total 4
dr--r--r-- 2 hcs hcs 4096 2010-02-28 22:12 mydir
$ ls -lA mydir
ls: cannot access mydir/myfile: Permission denied
total 0
-????????? ? ? ? ?                ? myfile

But you won't access any other information from the file than its name, as the list shows.

hcs42

Posted 2010-02-28T18:53:38.207

Reputation: 176

Thank you for the correction. I checked it on my Ubuntu. It works like you said. And in this way it is, actually, more logical for me. – Roman – 2010-02-28T21:35:55.970

5

From this page at Dartmouth college:

Remember that to read a file, you need execute access to the directory it is in AND read access to the file itself. To write a file, your need execute access to the directory AND write access to the file. To create new files or delete files, you need write access to the directory. You also need execute access to all parent directories back to the root. Group access will break if a parent directory is made completely private.

So from my reading of your question and this page, it looks like you've got it spot on.

ChrisF

Posted 2010-02-28T18:53:38.207

Reputation: 39 650

3

r permission gives access to the LIST of file names (but not metadata)

x permission gives access to file metadata (inode, size, owner, group, perms, etc.) (but no access to LIST of file names)

ls first enumerates the LIST of filenames, and then accesses the file metadata for each file. The metadata is accessed via stat.

Here are examples, imagine directory "example" containing file "data".

With r permissions:

  • cat /example/data will fail (no access to file metadata)

  • ls -lA example will partially succeed (access granted to LIST of file names, but not metadata)

  • cd example will fail (current directory implies access to metadata which is not available)

With x permissions:

  • cat /example/data will succeed (access to file metadata given) (access to LIST not required)

  • ls -lA example will fail (no access to LIST of file names)

  • cd example will succeed

  • ls will fail (no access to LIST of file names)

  • ls -l data will succeed (access to metadata granted)

Jack

Posted 2010-02-28T18:53:38.207

Reputation: 31

Asked: 2010-02-28T18:53:38.207

Viewed: 3 874 times

Active: 2012-09-21T23:49:52.790