dennett@kodak.UUCP (Charlie Dennett) (05/18/88)
I was experimenting with file access permissions and came across the
following.

I created a text file in my home directory. It had read and write access
for the owner (that's me) and read only access at both the group and world
level. I then did a chmod on the file and gave it 077 as the access mask.
This gave it full access to both group and world but took away all access
at the owner level. I did an ls -gl and a groups command and the file did
belong to the group of which I was a member. However, when I tried to cat
the file, the system returned the message 'Permission denied'.

Does this mean that owner level access overrides group and/or world access?

Even stranger - I next tried to remove the file with the rm command and
it worked!

I tried looking in the manuals for something to explain about access modes
but have so far been unsuccessful. Perhaps someone out there could explain
what is going on.

The system I am using is a SUN 3/260 running version 4.2 release 3.5. I do
not know if this is unique to SUN or not.
--
Charlie Dennett - Eastman Kodak Company
UUCP: ...rutgers!rochester!kodak!dennett
      ...rutgers!rochester!kodak!cygnus!dennett
gwyn@brl-smoke.ARPA (Doug Gwyn ) (05/19/88)
In article <1268@kodak.UUCP> dennett@kodak.UUCP (Charlie Dennett) writes:
>Does this mean that owner level access overrides group and/or world access?

What it means is that the rules spelled out in the manual (e.g. p.7 of
INTRO(2) in AT&T 307-226 Issue 1) are followed.

>Even stranger - I next tried to remove the file with the rm command and
>it worked!

Naturally, since your directory had write permission.

>The system I am using is a SUN 3/260 running version 4.2 release 3.5. I do
>not know if this is unique to SUN or not.

No, all UNIX derivatives follow these rules.
drears@ardec.arpa (Dennis G. Rears (FSAC)) (05/19/88)
Charlie Dennett <dennett@kodak.uucp> writes:
->
->I was experimenting with file access permissions and came across the
->following.
->
->I created a text file in my home directory. It had read and write access
->for the owner (that's me) and read only access at both the group and world
->level. I then did a chmod on the file and gave it 077 as the access mask.
->This gave it full access to both group and world but took away all access
->at the owner level. I did an ls -gl and a groups command and the file did
->belong to the group of which I was a member. However, when I tried to cat
->the file, the system returned the message 'Permission denied'.
->
->Does this mean that owner level access overrides group and/or world access?
->
Yes. It checks the owner first. If you are the owner and the
owner permissions say no it does not give you access. If you are not
the owner it then checks the group. If you are in the group and you
don't have group read permissions it will not give you access.
Finally if you are not the owner or in the group it will check the
world permission. In summary to access a file:
If owner you must have owner access.
If in group and not owner must have group access.
If not owner or group must have world access.
->Even stranger - I next tried to remove the file with the rm command and
->it worked!
->
Not really. rm acts not on the file but the directory. rm
actually removes the file entry in the directory. That is why you
can delete another user's file if you have no permissions on the
file but have write permission on the directory. (like /tmp)
->I tried looking in the manuals for something to explain about access modes
->but have so far been unsuccessful. Perhaps someone out there could explain
->what is going on.
->
->The system I am using is a SUN 3/260 running version 4.2 release 3.5. I do
->not know if this is unique to SUN or not.
This is common behaviour for most UNIX versions I have worked
with.
Dennis
--------------------------------------------------------------------------
ARPA: drears@ardec-ac4.arpa UUCP: ...!uunet!ardec-ac4.arpa!drears
AT&T: 201-724-6639 Snailmail: Box 210, Wharton, NJ 07885
Work: SMCAR-FSS-E, Dennis Rears, Bldg 94, Picatinny Ars, NJ 07806
--------------------------------------------------------------------------
davidsen@steinmetz.ge.com (William E. Davidsen Jr) (05/19/88)
On most systems you can delete anything if you own the directory in
which it resides. The ownership and permissions are not checked; I can
remove a file owned by root with 000 mode. This may not be true on all
systems.
--
bill davidsen (wedu@ge-crd.arpa)
{uunet | philabs | seismo}!steinmetz!crdos1!davidsen
"Stupidity, like virtue, is its own reward" -me
ron@topaz.rutgers.edu (Ron Natalie) (05/21/88)
>I created a text file in my home directory. It had read and write access
>for the owner (that's me) and read only access at both the group and world
>level. I then did a chmod on the file and gave it 077 as the access mask.
>This gave it full access to both group and world but took away all access
>at the owner level. I did an ls -gl and a groups command and the file did
>belong to the group of which I was a member. However, when I tried to cat
>the file, the system returned the message 'Permission denied'.
>
>Does this mean that owner level access overrides group and/or world access?

In a word, YES. If you are the owner, owner overrides everything else.
If you are in the group, then group permissions override the world
permission. Note that on System V, you are only in one group at a time,
so the group must match the process's group for group permissions to
apply; for BSD systems there is a vector of typically eight groups that
you can be in simultaneously. Group permissions apply when any of those
groups match the file.

>Even stranger - I next tried to remove the file with the rm command and
>it worked!

File permissions do not prevent deletion. Deletion is an operation that
is performed on the directory the file is in. You have write permission
on your directory evidently. Write permission on a directory means the
ability to create and remove files therein. There is no such function as
writing into the directory itself (as you would write into a file).

-Ron
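Added example, not part of any post in this thread: a small C model of the class selection that Dennis Rears and Ron Natalie describe (owner, else group including a BSD-style group vector, else world) and of deletion being decided by the directory. The struct names, function names and numeric ids are hypothetical, and the model ignores the superuser and any sticky-bit restriction on directories.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical model types for illustration, not a real kernel API. */
struct cred  { unsigned uid; unsigned gid; const unsigned *groups; size_t ngroups; };
struct inode { unsigned uid; unsigned gid; unsigned mode; };
enum { WANT_R = 4, WANT_W = 2, WANT_X = 1 };

static int in_group(const struct cred *c, unsigned gid) {
    if (c->gid == gid) return 1;                /* the single System V style group */
    for (size_t i = 0; i < c->ngroups; i++)     /* BSD-style group vector */
        if (c->groups[i] == gid) return 1;
    return 0;
}

/* Exactly one permission class is consulted: owner, else group, else world.
 * An owner denied by the owner bits never falls through to group or world. */
int may_access(const struct cred *c, const struct inode *f, unsigned want) {
    unsigned bits;
    if (c->uid == f->uid)          bits = (f->mode >> 6) & 7;
    else if (in_group(c, f->gid))  bits = (f->mode >> 3) & 7;
    else                           bits = f->mode & 7;
    return (bits & want) == want;
}

/* Removing a name modifies the directory, so only the directory's mode
 * (write plus search) is checked; the file's own mode is not consulted. */
int may_unlink(const struct cred *c, const struct inode *dir, const struct inode *file) {
    (void)file;
    return may_access(c, dir, WANT_W | WANT_X);
}

int main(void) {
    static const unsigned groups[] = { 20, 35 };   /* constructed ids */
    struct cred  owner  = { 100, 20, groups, 2 };
    struct cred  member = { 101, 20, NULL, 0 };
    struct inode home   = { 100, 20, 0755 };       /* owner's home directory */
    struct inode file   = { 100, 20, 0077 };       /* the chmod 077 file */
    printf("owner  cat: %s\n", may_access(&owner,  &file, WANT_R) ? "ok" : "Permission denied");
    printf("member cat: %s\n", may_access(&member, &file, WANT_R) ? "ok" : "Permission denied");
    printf("owner  rm : %s\n", may_unlink(&owner,  &home, &file) ? "ok" : "Permission denied");
    printf("member rm : %s\n", may_unlink(&member, &home, &file) ? "ok" : "Permission denied");
    return 0;
}
```

For the defender, the point is that mode 077 locks out only the owner, and that the contents of a directory are protected from removal by the directory's mode, not by the modes of the files in it.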