[CentOS] directory permissions set to 600?

Wed Jul 21 05:42:08 UTC 2010
Gordon Messmer <yinyang at eburg.com>

On 07/20/2010 08:30 PM, Keith Keller wrote:
>
> IOW, ls will work fine, but ls -l will not.  (To be specific, a plain
> old /bin/ls will work fine.  If you have any ls options that need to read
> the contents of the directory, like -l or -F, it'll b0rk.)

Well, to be *specific*, reading the contents of the directory is 
allowed.  That's what 'ls' will do.  The attributes of the files 
contained within the directory are not read from the directory.  They're 
returned by stat() on the paths composed of the directory path plus the 
names returned by reading the directory.  The stat() call will fail, 
since you can read the directory's own content, but cannot access any of 
the items within the directory.

> If it's an embedded server, like a home wifi router device, running
> everything as root isn't such a big deal.  If it's a real server it's in
> deep trouble.

They're the configuration files for a firewall package.  It's fine that 
they're readable only by root.  No other user would have any use for 
them, as only the root user can manipulate iptables entries.