Notes on Directory protections


    user      group      other
 [ ][ ][ ]  [ ][ ][ ]  [ ][ ][ ]

r - read (can do ls)
w - write
x - search (can access files given their name)

user bits

Note if turned off, user has power to turn them on any time.

[r][-][x] write-protect for safety
annoying?

[r][w][x] normal

`[r][w][x]`	shared writable directory can create/delete files
`[r][-][x]`	shared read-only directory can do ls If web dir is like this, users may be able to get a raw directory listing of the web files.
`[-][-][x]`	shared read-only dir can't do ls can access file if know its name can't explore without filenames Example: web dir can only browse named files the names are in the links (can't do an ls to get them) the site must advertise a starting point (a web page from which all other web pages can be found by following links alone)
`[-][-][-]`	normal - hidden

drwx---r-x  2 mhtest09 gdf1    512 2009-04-01 12:50 readabledir
drwx-----x  2 mhtest09 gdf1    512 2009-04-01 12:50 executabledir

Web directories (HTTP requests come in as "other"):

 drwx-----x

CGI directories:

 drwx-----x

`[r][-][x]`	write-protect for safety annoying?
`[r][w][x]`	normal