Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Differing default directory and file permissions
- Thread starter kinhell
- Start date
A umask of "[tt]000[/tt]" will creat directories of "[tt]drwxrwxrwx[/tt]" (777) and files of "[tt]-rw-rw-rw-[/tt]" (666). The umask is the inverse (a mask) of the permissions that get created, and files and directories get created differently.
More explanation...
The permissions of a directory follow exactly what you have umask set to. For directories, the execute bit "x" must be set to be useable. That is, even if "rw" is set, you can't list the contents or open files in a directory if the execute bit "x" is off.
For a file, it follows the umask, except the execute bit "x" is never turned on. You have to turn that on yourself.
Here's a little script to show you what gets created. Run it in a directory you can throw away since a lot of files/dirs get created by it (8^3 files/dirs).
Then do an "[tt]ls -l[/tt]" and see the permissions.
The permissions of a directory follow exactly what you have umask set to. For directories, the execute bit "x" must be set to be useable. That is, even if "rw" is set, you can't list the contents or open files in a directory if the execute bit "x" is off.
For a file, it follows the umask, except the execute bit "x" is never turned on. You have to turn that on yourself.
Here's a little script to show you what gets created. Run it in a directory you can throw away since a lot of files/dirs get created by it (8^3 files/dirs).
Code:
#!/bin/ksh
for USER in 0 1 2 3 4 5 6 7
do
for GROUP in 0 1 2 3 4 5 6 7
do
for OTHER in 0 1 2 3 4 5 6 7
do
print -n "$USER$GROUP$OTHER\r"
umask $USER$GROUP$OTHER
touch umask.$USER$GROUP$OTHER.f
mkdir umask.$USER$GROUP$OTHER.d
done
done
done
print "Done!"
elgrandeperro
Technical User
Sambones, just to clarify:
I believe rw does allow listing of the contents of a dir but not chdir or executing.
eugene
I believe rw does allow listing of the contents of a dir but not chdir or executing.
eugene
Oops! You're right.
It does limit things like long listings (ls -l). The filenames show, but none of the information about the files.
I had it backwards. I was thinking of a setup we had where they wanted people to be able to access subdirectories they knew about, but not be able to search for other subdirectories. You can remove the read bit making it "d-wx-wx-wx" and they can still access subdirectories, but can't see in that directory itself.
Not sure if I'm explaining it properly.
It does limit things like long listings (ls -l). The filenames show, but none of the information about the files.
I had it backwards. I was thinking of a setup we had where they wanted people to be able to access subdirectories they knew about, but not be able to search for other subdirectories. You can remove the read bit making it "d-wx-wx-wx" and they can still access subdirectories, but can't see in that directory itself.
Not sure if I'm explaining it properly.
- Status
Similar threads
- Locked
- Question