

Practical UNIX & Internet Security

Chapter 5: The UNIX Filesystem
 

5.4 Using Directory Permissions

Unlike many other operating systems, UNIX stores the contents of directories in ordinary files. These files are similar to other files, but they are specially marked so that they can only be modified by the operating system.

As with other files, directories have a full complement of security attributes: owner, group, and permission bits. But because directories are interpreted in a special way by the filesystem, the permission bits have special meanings (see Table 5.11).

Table 5.11: Permissions for Directories

| Contents | Permission | Meaning |
|----------|------------|---------|
| r | read | You can use the opendir() and readdir() functions (or the ls command) to find out which files are in the directory. |
| w | write | You can add, rename, or remove entries in that directory. |
| x | execute | You can stat the contents of a directory (e.g., you can determine the owners and the lengths of the files in the directory). You also need execute access to a directory to make that directory your current directory or to open files inside the directory (or in any of the directory's subdirectories). |

If you want to prevent other users from reading the contents of your files, you have two choices:

  1. You can set the permission of each file to 0600, so only you have read/write access.

  2. You can put the files in a directory and set the permission of that directory to 0700, which prevents other users from accessing the files in the directory (or in any of the directory's subdirectories) unless there is a link to the file from somewhere else.

Note the following:

  • You must have execute access for a directory to make it your current directory (via cd or chdir) or to change to any directory beneath (contained in) that directory.

  • If you do not have execute access to a directory, you cannot access the files within that directory, even if you own them.

  • If you have execute access to a directory but do not have read access, you cannot list the names of files in the directory (i.e., you cannot read the contents of the directory). However, if you have access to individual files, you can run programs in the directory or open files in it. Some sites use this technique to create secret files: files that users can access only if they know the files' names.

  • To unlink a file from a directory, you need only write and execute access to that directory, even if you have no access rights to the file itself.

  • If you have read access to a directory but do not have execute access, you will be able to display a short listing of the files in the directory (ls); however, you will not be able to find out anything about the files other than their names and inode numbers (ls -i) because you can't stat the files. Remember that the directory itself only contains name and inode information.

    This behavior can cause quite a bit of confusion if you are not expecting it. For example:

    % ls -ldF conv
    dr------ 4 rachel      1024 Jul  6 09:42 conv/
    % ls conv
    3ps.prn bizcard.ps letterhead.eps retlab.eps
    % ls -l conv
    conv/3ps.prn not found
    conv/retlab.eps not found
    conv/letterhead.eps not found
    conv/bizcard.ps not found
    total 0
    %

Table 5.12 contains some common directory permissions and their uses.

Table 5.12: Common Directory Permissions

| Octal Number | Directory | Permission |
|--------------|-----------|------------|
| 0755 | / | Anybody can view the contents of the directory, but only the owner or superuser can make changes. |
| 1777 | /tmp | Any user can create a file in the directory, but a user cannot delete another user's files. |
| 0700 | $HOME | A user can access the contents of his home directory, but nobody else can. |
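
The following audit sketch is an added example, not code from the book: it applies the r/w/x meanings from Table 5.11 and the modes in Table 5.12 to the "other" permission bits of every directory in a tree. The function names, finding labels and the sample tree are assumptions made for illustration; the conv session above concerns the owner's bits, and the same logic is applied here to the other class.

```python
import os
import stat
import tempfile

def classify_dir_mode(mode):
    """Findings for the 'other' bits of a directory mode (Table 5.11 semantics)."""
    r = bool(mode & stat.S_IROTH)    # list entry names (readdir, ls)
    w = bool(mode & stat.S_IWOTH)    # add, rename or remove entries
    x = bool(mode & stat.S_IXOTH)    # stat entries, cd in, open files by name
    sticky = bool(mode & stat.S_ISVTX)
    findings = []
    if w and x:
        # Write + execute is enough to unlink any file, unless the sticky
        # bit (the 1777 /tmp pattern) limits deletion to a user's own files.
        findings.append("shared-sticky" if sticky else "others-can-delete-any-file")
    if r and not x:
        findings.append("names-only")    # names and inodes visible, stat fails
    if x and not r:
        findings.append("unlistable-but-reachable")    # the "secret files" setup
    return findings

def audit_tree(root):
    """Return {relative path: findings} for every flagged directory under root."""
    report = {}
    for dirpath, dirnames, _ in os.walk(root):
        for name in dirnames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)    # lstat: do not follow symlinks
            if stat.S_ISDIR(st.st_mode):
                findings = classify_dir_mode(stat.S_IMODE(st.st_mode))
                if findings:
                    report[os.path.relpath(full, root)] = findings
    return report

def build_demo_tree():
    """Constructed sample tree; directory names and modes are illustrative."""
    root = tempfile.mkdtemp(prefix="dirperm-")
    for name, mode in [("public", 0o755), ("scratch", 0o777), ("tmp", 0o1777),
                       ("conv", 0o744), ("dropbox", 0o711), ("private", 0o700)]:
        path = os.path.join(root, name)
        os.mkdir(path)
        os.chmod(path, mode)    # chmod is not affected by the umask
    return root

if __name__ == "__main__":
    for path, findings in sorted(audit_tree(build_demo_tree()).items()):
        print(f"{path}: {', '.join(findings)}")
```

Directories with modes 0755 and 0700 produce no findings, while 0777 is reported differently from 1777 because only the sticky bit separates a shared scratch area from one where any user can delete another user's files.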