[ale] Grepping on the access_log

Joe Knapka jknapka.spam.me.not at earthlink.net
Tue Aug 1 23:53:08 EDT 2000 

Strider Centaur wrote:
> 
>     Does the user have Directory Permissions?  Setting a files permissions does
> not help you if the user does not have permission to access the directory and all
> the directories above it.  Linux/Unix permission are inherited ( I believe that's
> what they call it ) from the parent directories.

You're most likely right about the problem, but I have a
quibble with your characterization of permissions.

It's not inheritance, in any strict sense of the term.
You don't automatically get, for example, "write" permission
to the files in a directory just by having write 
permission on the directory; nor are you automatically
denied write permission to directory contents by virtue of
not having write permission to the directory itself.
For directories, "r" allows you to get a list of the
directory contents, "w" allows you to update the
directory itself (which you'd need to do to create
a file, but not to write an existing file), and "x"
allows you to follow a path through the directory.
"x" is the important one.

All a user needs is execute permission on a directory
in order to read any file (or subdirectory), provided
they have read access to the file. For directories, the
execute bit is interpreted to mean "searchable", as in,
"The user has permission to search this directory to
find the specific item they are looking for." So if you
have permissions 001 (that is, --------x) on a directory,
anyone can read any file in that directory, provided they
know the file's name beforehand, and have read access to
the file. They can also access the contents of subdirectories,
if the subdirs' permissions allow. They *can't* get a
directory listing, though; that requires "read" permission
on the directory itself.

Conversely, if you *don't* have "x" permission on
a directory, you won't be able to access any file
that lies on a path through that directory, even if
you have read permissions on everything else in sight.

Didactically yours,

-- Joe

-- 
*** Joseph Knapka ***
In any formula, constants (especially those obtained from handbooks)
are to be treated as variables.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list