[Samba] PDC directory permission fail
Brian H. Nelson
bnelson at cis.ysu.edu
Tue Jan 5 19:13:28 MST 2010
Bino Oetomo wrote:
> And ... voila ... the user can access (read-write) into the shares ...
> But it'll means that the user can also "execute" somethings inside
> directory ... right ?
>
> Why we need the "execute" bit in directory permission just to let the
> user to "read and write only" ?
>
That is how UNIX filesystem permissions work. 'Execute' on a directory
allows traversal of (ie access into) the directory.
From Wikipedia (http://en.wikipedia.org/wiki/File_system_permissions):
There are three specific permissions on Unix-like systems that apply to
each class:
* The read permission, which grants the ability to read a file. When
set for a directory, this permission grants the ability to read the
names of files in the directory (but not to find out any further
information about them such as contents, file type, size, ownership,
permissions, etc.)
* The write permission, which grants the ability to modify a file.
When set for a directory, this permission grants the ability to modify
entries in the directory. This includes creating files, deleting files,
and renaming files.
* The execute permission, which grants the ability to execute a
file. This permission must be set for executable binaries (for example,
a compiled c++ program) or shell scripts (for example, a Perl program)
in order to allow the operating system to run them. When set for a
directory, this permission grants the ability to traverse its tree in
order to access files or subdirectories, but not see files inside the
directory (unless read is set).
Search Google for "unix permissions" if you need more understanding.
-Brian
More information about the samba
mailing list