You are not logged in.

Pages: 1

#1 2011-10-16 07:10:00

x33a
Forum Fellow
Registered: 2009-08-15
Posts: 4,587

[solved] Execute permissions on directory

Well this is a bit embarrassing as well as confusing, but anyway here's the question.

I had always heard that the execute permission was required to cd into a directory, but recently someone demonstrated to me that it's possible to cd into the directory without execute permission.

I experimented a bit and found out that as a normal user, it's not able to enter a directory without execute permission, but as root it is possible to.

I searched around the internet but everywhere it's said that without execute bit it's impossible to do so.

So can someone explain what's going on?

Last edited by x33a (2014-01-23 05:52:49)

Offline

#2 2011-10-16 08:02:09

Awebb
Member
Registered: 2010-05-06
Posts: 6,688

Re: [solved] Execute permissions on directory

Would it makes sense to stop root from opening a directory, when owning the directory is only a chmod and/or chown away?

Anyway, I tried it on my NAS over smb. I created a folder, chmod 000 the folder to see it has dissappeared in ls when logged in as my normal desktop user, which is also the user account on the NAS, but with different user/group ID's. The local root account on the other hand could still read and change the folder.

Offline

#3 2011-10-16 11:29:39

Barrucadu
Member
From: York, England
Registered: 2008-03-30
Posts: 1,158
Website

Re: [solved] Execute permissions on directory

Root is basically exempt from the normal permissions system.

Website | Blog

The Arch Hurd Project

Offline

#4 2011-10-16 12:57:01

x33a
Forum Fellow
Registered: 2009-08-15
Posts: 4,587

Re: [solved] Execute permissions on directory

Awebb wrote:

Would it makes sense to stop root from opening a directory, when owning the directory is only a chmod and/or chown away?

Well that should apply to attributes too, then. For example, setting the immutable bit with chattr, root cannot delete/edit the file, without doing a chattr -i on the file.

Barrucadu wrote:

Root is basically exempt from the normal permissions system.

But I suppose that's the way it is then.

Offline

#5 2011-10-16 14:26:47

falconindy
Developer
From: New York, USA
Registered: 2009-10-22
Posts: 4,111
Website

Re: [solved] Execute permissions on directory

Specifically, root is exempt from the normal discretionary access control due to possessing CAP_DAC_OVERRIDE.

See 'man 7 capabilities' for more.

blog | ±github

Offline

#6 2011-10-16 15:45:08

x33a
Forum Fellow
Registered: 2009-08-15
Posts: 4,587

Re: [solved] Execute permissions on directory

falconindy wrote:

Specifically, root is exempt from the normal discretionary access control due to possessing CAP_DAC_OVERRIDE.

See 'man 7 capabilities' for more.

Thanks, the man page was very insightful.

Offline

Pages: 1

Board footer

Powered by FluxBB