[CentOS] directory permissions set to 600?
Keith Keller
kkeller at wombat.san-francisco.ca.us
Wed Jul 21 03:30:48 UTC 2010
On Tue, Jul 20, 2010 at 07:36:17PM -0700, Gordon Messmer wrote:
>
> You and John are both incorrect. Read access is sufficient to get a
> list of files and directories in a given directory. The execute bit on
> a directory is required to access the directory's contents. If a
> directory is 'rw-' for a user (other than root), the user can get a list
> of its contents using 'ls'. However, since the contents are not
> available, the user cannot stat() the names to determine what type of
> file they are, their size, their owner/group, etc. The user will also
> not be able to chdir to a sub-directory without execute access.
IOW, ls will work fine, but ls -l will not. (To be specific, a plain
old /bin/ls will work fine. If you have any ls options that need to read
the contents of the directory, like -l or -F, it'll b0rk.)
On Tue, Jul 20, 2010 at 11:20:57PM -0400, Stephen Harris wrote:
>
> Basically nothing non-root running will work properly on these machines.
> And if everything is designed to run as root then the architect has
> shown other issues. "root" is the user of last recourse on a properly
> managed server.
If it's an embedded server, like a home wifi router device, running
everything as root isn't such a big deal. If it's a real server it's in
deep trouble.
--keith
--
kkeller at wombat.san-francisco.ca.us
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20100720/0ebb6f69/attachment.sig>
More information about the CentOS
mailing list