tags:

views:

113

answers:

3
Q: 

Lowest permission level to see the content of a file?

How can I see the contents of a file with 111 permissions? A thing called Y-combinator, as an input, prints the content of a file. My instinct says that you can run it with 100 permissions. However, I know only the theory, not the practise.

Which is the lowest permission level to see a file with Y-combinator in Bash?

The user nobody_ comments:

You don't make any sense. The Y combinator is used to create recursive functions and has nothing to do with permissions.

A question arises:

Which is the lowest permission level to see a file in Bash?

A: 

To execute a file (script or otherwise), you need to be able to load its content into memory, hence to have read access.

So only leaving execution rights on your files is not going to allow anybody to read it. However, this is still a bad idea. Nothing that should not be executed should receive execution rights. In your position, I would be much more worried in accidentally executing a text file that begins with rm * than somebody using tricks to peek at my files.

Varkhan  2009-04-15 23:19:25
My file only has a line "rm *" with 700 permissions. I try to remove the content of the fonder, where the file is lacated. Do I do it like "./file"? It asks me a weird question: "override --------x user/staff for some_file?" What should I do to remove the content?
Masi  2009-04-16 12:54:43
This is something you probably should have asked as a separate question. However, the reason is simple: rm sees you don't have write rights on the file some_file, and asks you if you want to bypass that protection. Honestly, I think your whole file permission scheme is very weird...
Varkhan  2009-04-16 16:31:08
A: 

I think you can't, and even the interpreter won't be able to (and therefore won't run it).

However, you shouldn't be worried about people seeing your code; if there are eg. security flaws, you should fix them instead.

jpalecek  2009-04-15 23:20:14
+1  A: 

You can't read the contents of a file with those permissions.

Permissions of '111' are 'execute only' and are almost useless on a regular file. In order for a file to be executed it needs at least read and execute by the owner, and in that case only the owner can read and execute it.

If you are worried about others reading your files you probably want to use '500' that would be read and execute for just you.

For more information and what these numbers mean (octal notation) you should read this page on Wikipedia: http://en.wikipedia.org/wiki/File_system_permissions#Octal_notation

Cheers, Darryl

Darryl E. Clarke  2009-04-15 23:21:31

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security