[CentOS] directory permissions set to 600?

Wed Jul 21 03:30:48 UTC 2010
Keith Keller <kkeller at wombat.san-francisco.ca.us>

On Tue, Jul 20, 2010 at 07:36:17PM -0700, Gordon Messmer wrote:
> You and John are both incorrect.  Read access is sufficient to get a 
> list of files and directories in a given directory.  The execute bit on 
> a directory is required to access the directory's contents.  If a 
> directory is 'rw-' for a user (other than root), the user can get a list 
> of its contents using 'ls'.  However, since the contents are not 
> available, the user cannot stat() the names to determine what type of 
> file they are, their size, their owner/group, etc.  The user will also 
> not be able to chdir to a sub-directory without execute access.

IOW, ls will work fine, but ls -l will not.  (To be specific, a plain
old /bin/ls will work fine.  If you have any ls options that need to read
the contents of the directory, like -l or -F, it'll b0rk.)

On Tue, Jul 20, 2010 at 11:20:57PM -0400, Stephen Harris wrote:
> Basically nothing non-root running will work properly on these machines.
> And if everything is designed to run as root then the architect has
> shown other issues.  "root" is the user of last recourse on a properly
> managed server.

If it's an embedded server, like a home wifi router device, running
everything as root isn't such a big deal.  If it's a real server it's in
deep trouble.


kkeller at wombat.san-francisco.ca.us

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20100720/0ebb6f69/attachment-0003.sig>