Understanding Directory Permissions on Linux
This blog post is for those who understand how file permissions work but are looking for an explanation on how file permissions behave when they are applied to directories.
given a filename(or dir name) which is directly under this directory, it can be translated into its inode number only if this permission is available. (In Layman’s language, inode number’s are needed to access a file’s metadata and actual data on Linux). With an exec-only permission, a user can access a file/subdir only if he knows its complete name.
If this permission is available then one can see the names of the files/subdirs which are directly under this directory but cannot change these names. (but note that, without dir permission, one cannot still translate these names into inode numbers and hence, cannot reach the actual file/subdir)
Note: try making a dir read-without-exec and do “ls dir” and “ls -l dir” to see the difference. “ls -l” actually accesses the file info for which it needs access to its inode number and thus, it does not complete successfully unless exec permission on dir is available.
If this permission is available then one can add/remove a new file/subdir directly under this dir (even if the user does not own that file, it can still be changed/deleted, enable sticky bit to prevent that)
- IMHO “write only” permission on dir is useless (if someone knows any use of it please do mention that in comments)
2 Replies to “Understanding Directory Permissions on Linux”
it was very interesting to read.
I want to quote your post in my blog. It can?
And you et an account on Twitter?
Yeah, you can quote me
and my twitter landing page is http://www.twitter.com/ashishbhatia