|
Chapter 22 File Security, Ownership, and Sharing |
|
22.12 A Directory that People Can Access but Can't List
Do you need to let someone use a file of yours, but you don't want everyone on the system to be able to snoop around in the directory? You can give execute permission, but not read permission, to a directory. Then, if a file in the directory is accessible, a person can use the file by typing the exact filename. ls will say the directory is "unreadable." Wildcards won't work.
Here's an example.
Let's say that your home directory has rwxr-xr-x
permissions (everyone can
access and list files in it).
Your username is hanna
.
You have a subdirectory named project
; you set
its permissions so that
everyone else on the system has execute-only permission.
-d |
hanna% |
|---|
Now you tell the other user, toria , the exact name of your file, myplan . Like everyone else on the system, she can access your project directory. She can't list it because she doesn't have read permission. Because she knows the exact filename, she can read the file because the file is readable (anyone else could read the file, too, if they knew its exact name):
toria%cd /home/hanna/projecttoria%pwdpwd: can't read . toria%lsls: . unreadable toria%more myplan...File appears ... toria%ln myplan /home/toria/project.hanna/plan
(We're using the "real" pwd
command
that reads the filesystem to find your current directory.
That's why it complains can't read .
.
If you're using the shell's shortcut pwd
, you probably won't
get the error shown above.
Article
14.4
has details.)
In the example above, toria made a hard link (18.5 ) to the myplan file, with a different name, in her own project.hanna directory. (She could have copied, printed, or used any other command that reads the file.) Now, if you (hanna ) want to, you can deny everyone's permission to your project directory. toria still has her link to the file, though. She can read it any time she wants to, follow the changes you make to it, and so on:
toria%cdtoria%ls -ld project.hanna project.hanna/plandrwx------ 2 toria 512 Jul 27 16:43 project.hanna -rw-r--r-- 2 hanna 9284 Jul 27 17:34 project.hanna/plan toria%more project.hanna/plan...File appears ...
toria has protected her project.hanna directory so that other users can't find her link to hanna 's file.
NOTE: If hanna denies permission to her directory, toria can still read the file through her hard link. If toria had made a symbolic link, though, she wouldn't be able to access the file any more. That's because a hard link keeps the file's i-number (1.22 , 18.2 ) but a symbolic link doesn't.
You might also want to give other users permission to list and access the files in a directory, but not make the directory open to all users. One way to do this is to put a fully accessible directory with an unusual name inside an unreadable directory. Users who know the exact name of the fully accessible directory can cd to it; other users can't find it without its name:
hanna%chmod 711 projecthanna%chmod 777 project/pLaNhanna%ls -ld project project/pLaNdrwx--x--x 3 hanna 512 Jul 27 17:36 project drwxrwxrwx 2 hanna 512 Jul 27 17:37 project/pLaN
Users who type cd /home/hanna/project/pLaN
can list the directory's
contents with ls
.
With the permissions you've set, other users can also create, delete, and
rename files inside the pLaN
directory - though you could have used
more restrictive permissions like drwxr-xr-x
instead.
This setup can still be a little confusing.
For instance,
as article
14.4
explains,
the pwd
command won't work for users in the pLaN
directory because pwd
can't read the project
directory.
Variables like
$cwd
(14.13
)
and
$PWD
(6.3
)
will probably have the absolute
pathname.
If another user gets lost in a restricted directory like this, the best thing
to do is cd
to the home directory and start again.
-
|
|
|
|
| 22.11 A Loophole: Modifying Files Without Write Access | 
|
22.13 Groups and Group Ownership |
