Reason Execute Bit Is Needed For Directories?

[shanenin]

I drove myself crazy earlier not being able to play some video files, or more correct, read some files as regular user. The problem was I ran chmod 664 recursively on my media directory. It was pointed out to me that regular users need 755 set on directorys to read the contents. Is their a security reason that non root users can't read the contents of directorys that are not set with the execute bit(even if they own them)?

[iccaros]

yes, it's called discretionary access control

it allows an admin (root) to set directories so to a level so that application can not be run. (so a Trojan installs in a folder but the user can not run it)

you should be able to read the folder, but not run anything from it. I have never seen this with video as its not run, but I guess the system could see that as an exacutable depending on type.

I'll test it on gentoo..

[jcl]

The execute bit on directories control access to -- not just execution of -- the contents of a directory.

As for why... you've got to do something with the 'execute' bit on directories and traversal control is sometimes useful.

[shanenin]

the reason it stumped my for so long is I owned the directory and contents, so I did not see any logical reason I was getting "permission denied" The funny part is I can just change it to executable with out any problem(since I own it). So it is not really any more secure.

Edited January 30, 2007 by shanenin

[iccaros]

yes sorry I'm late on the responce (Kids)

this page explains

http://www.zzee.com/solutions/linux-permis...nk_9_1077830297

[baker7]

Thank you for this information - will be helpful as I continue to work with linux

Brian