How permissions on directories work?
I don't understand how permissions on directories work.
For example:
r: I can list all present files in a directory (e.g. ls)
w: I can modify a file in a directory, delete it and create a new sub-directory
x: I can access a directory (e.g. cd)
If I'm right in the following situation:
-w-
- Can I remove a file if I already know its name?
- Can I remove a file even if I don't have write permissions to it?
Another question. In case of sticky bit (e.g. /tmp) I can't remove or rename a file if I'm not its owner: in order to do it a file permission isn't enough?
Tags: linux, files
If you, for a moment, imagine that a directory is a file whose content is the list of files in it, it helps to explain the permissions on the directory: r and you can read the content of the "file" which is the file of files in directory, w and you can modify the list of files in the directory, that is deleting or creating new ones, x and here the metaphor breaks a little... so no good analogy. – Patrick Mevzek, Aug 19 at 16:10
asked Aug 19 at 13:07, Drew Ber
1 Answer
The x permission on directory dir lets you access the files dir/file. Without it, the w permission doesn't help you at all, since to create or delete the files, you'd need to be able to point to them.
If you had -wx on the directory, however, then you could remove files if you knew their names (and create new files).
Reading the directory, i.e. listing the contents doesn't require accessing any of dir/file, just dir itself, so if you have r--, you can get a listing of the files.
The permissions of the file don't influence removing the file, not even in sticky directories, at least on my Linux. The man page (chmod(1)) says you need to be the owner of the file, or the directory to remove or rename files from a sticky directory.
/tmp$ ls -l test
-rw-rw-rw- 1 root root 0 Aug 19 16:17 test
/tmp$ rm test
rm: cannot remove 'test': Operation not permitted
See also: Execute vs Read bit. How do directory permissions in Linux work?
A w permission (without x) is totally useless for a directory, right? The -wx condition lets me remove/rename/add a file, but I'm not able to modify a file (e.g. write something into it) if I don't have the write permission to that file: right? About the sticky bit: if I have a file in /tmp like rwxrwx--- user1 group1 and I'm user2 group1, can I remove that file? – Drew Ber, Aug 19 at 20:02

@DrewBer, 1) yep, w without x is useless as far as I know. 2) And yep, modifying the file is controlled by the file's permissions. 3) I didn't test, but I don't think group membership is enough to delete files from sticky directories. It's not uncommon for a system to have just a single group (say, users) for almost all the users, and the point of stickiness would be mostly defeated if members of the group could delete the files of other members of the group. – ilkkachu, Aug 19 at 20:15

I'm thinking about the following case
drwxr-xrwx root root dir
-rwxr-xr-x user1 user1 file
File is inside dir. In the above situation user1 can modify the file due to its write access, but another non-root user can do it due to write access to directory: 1. user2 can remove file 2. user2 can write a modified version of file. The result is the same, right? – Drew Ber, Aug 25 at 9:54

Considering another case:
drwxr-x--- root root dir
-rwxr-xr-x user1 user1 file
In this case user1 can execute and modify the file but it can't perform ls or cd commands on dir: it can do it if the file path is already known, right? Last case:
drwxr-xr-- root root dir
user1 can still perform ls command on that directory without accessing it, right? – Drew Ber, Aug 25 at 9:57

@DrewBer, that first one is a good point: if you have w to dir, but not to dir/file, you can remove or rename the file and create a new one with the same name. It does change the identity of the file, though: any hard links to it are broken, it could get a new inode, and the new file is owned by the user who re-creates it. – ilkkachu, Aug 25 at 10:25
answered Aug 19 at 13:20, edited Aug 19 at 13:25, ilkkachu
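The rules from the answer and comments above, written out as a small Python model and run against the cases raised in the thread (an added example, not part of the original posts). It assumes unprivileged users and plain mode bits only (no root or capability override, no ACLs); the uids, gids and the `Node`/`User` names are constructed for illustration.

```python
import stat
from dataclasses import dataclass

R, W, X = 4, 2, 1

@dataclass(frozen=True)
class Node:            # a file or directory: mode bits plus owner and group
    mode: int
    uid: int
    gid: int

@dataclass(frozen=True)
class User:            # an unprivileged process (assumption: no root override)
    uid: int
    gids: frozenset

def bits(node, user):
    """rwx triplet that applies: owner class, else group class, else other."""
    if user.uid == node.uid:
        return (node.mode >> 6) & 7
    if node.gid in user.gids:
        return (node.mode >> 3) & 7
    return node.mode & 7

def can_list(d, u):
    """List the names in d (ls): r on the directory."""
    return bool(bits(d, u) & R)

def can_lookup(d, u):
    """Reach d/name (cd, open, stat): x on the directory."""
    return bool(bits(d, u) & X)

def can_create(d, u):
    """Add a new entry to d: w and x on the directory."""
    return bits(d, u) & (W | X) == (W | X)

def can_unlink(d, f, u):
    """Remove or rename d/f. The file's own mode bits are never consulted."""
    if not can_create(d, u):
        return False
    if d.mode & stat.S_ISVTX:          # sticky: must own the file or the directory
        return u.uid in (f.uid, d.uid)
    return True

def can_write_content(d, f, u):
    """Modify f in place: x on the directory, w on the file."""
    return can_lookup(d, u) and bool(bits(f, u) & W)

def scenarios():
    # Constructed ids: root=0, user1=1001, user2=1002, group1=2000.
    user2 = User(1002, frozenset({1002, 2000}))
    mine = Node(0o644, 1002, 1002)         # a file user2 owns
    tmp = Node(0o1777, 0, 0)               # sticky, world-writable, like /tmp
    shared = Node(0o757, 0, 0)             # drwxr-xrwx root root dir
    u1file = Node(0o755, 1001, 1001)       # -rwxr-xr-x user1 user1 file
    return {
        "w_only_dir_unlink": can_unlink(Node(0o200, 1002, 1002), mine, user2),
        "wx_dir_unlink": can_unlink(Node(0o300, 1002, 1002), mine, user2),
        "wx_dir_list": can_list(Node(0o300, 1002, 1002), user2),
        "r_only_dir_list": can_list(Node(0o400, 1002, 1002), user2),
        "r_only_dir_lookup": can_lookup(Node(0o400, 1002, 1002), user2),
        "tmp_root_0666_unlink": can_unlink(tmp, Node(0o666, 0, 0), user2),
        "tmp_root_0666_write": can_write_content(tmp, Node(0o666, 0, 0), user2),
        "tmp_group_unlink": can_unlink(tmp, Node(0o770, 1001, 2000), user2),
        "shared_write": can_write_content(shared, u1file, user2),
        "shared_unlink": can_unlink(shared, u1file, user2),
        "shared_create": can_create(shared, user2),
    }

if __name__ == "__main__":
    for name, allowed in scenarios().items():
        print(f"{name:22} {'allowed' if allowed else 'denied'}")
```

The last three results are the case from the final comments: a user with w and x on the directory cannot edit the other user's file in place, but can remove it and create a replacement under the same name, which is why a writable, non-sticky directory should be treated as granting control over every name in it.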