Linux – Write but not read permission on a file in linux

filesystemslinuxpermissions

Is it possible to have write but not read permission on a file in Linux?
What about execute but not read and write permission?

Best Answer

Yes, although execute permission without read permission is meaningless on a non-binary file (since you need to read a script to execute it). On a directory, execute without read means you can traverse the directory, but not list it or do anything else with its contents. Consider the following path:

/home/user/foo/bar

If directory foo has mode 0711 (full permission for owner, execute only for group and world), while directory bar has mode 0755 (full permission for owner, read and execute for everyone else), then accounts other than user may cd /home/user/foo/bar and find that bar behaves as any ordinary directory; however, while cd /home/user/foo will work, ls and any other command in that directory will fail due to insufficient permissions (i.e., you can't read the directory to list its contents).

Write permission without read permission on a file does just what it implies: you can write to the file, but you can't read back what you've written. This might be useful in a case where processes under multiple accounts write to a single logfile, but a process belonging to one user must not be able to read the (presumably sensitive) log entries from a process belonging to another user.

Related Solutions

Linux Permissions – What Does the ‘Execute’ Permission Do?

Basically it means you can tell the operating system to run the code in the file. For example, if the file was a binary executable, read access would allow you to view it, write access would allow you to modify it, but without execute permissions you would not be able to run the program. In the case of a script, its a little more complicted, because you don't necessarily need to 'run' the program, you can just read its contents into an interpreter, which itself has the execute privelige, but you do not need execute permissions on the script itself.

Some scripts in Linux are themselves executable, you will often see a line at the top like

#!/bin/bash

#!/bin/python

That line tells the kernel that the file can be executed by calling the relevant program (and isn't just text). Then you can just run your script like

./script

instead of having to do

python ./script

Linux – File permission. Write and execute only

There are uses for most objects you will find in a filesystem:

Directories: -wx would let you be in the the directory, create & modify files in it, but not list its contents. --x is sometimes used for directories as a security-through-obscurity measure, for instance on /home so people can't see what other users exist via their footprint in /home (though note well: obscurity on its own is no security - in the case of hiding the contents of /home a user can usually read the same information from /etc/passwd anyway)

Named Pipes: The execute bit has no meaning for a pipe so this is the same as -w- meaning you can write to the pipe but not read from it (so you can't see what other writers are putting into the pipe or disrupt the reader).

Device Nodes (as usually found under /dev): Similar to named pipes - you could write to the device but not read from it.

Normal Files: -w- would allow a user to append to a file, but not read existing data. Execute permission would not be very useful here, but you could have some very weird executable that used the back end of itself for configuration and allow the user to modify that config without reading the rest of the binary. I can't imaging this would be useful or at all safe though.

Best Answer

Related Solutions

Linux Permissions – What Does the ‘Execute’ Permission Do?

Linux – File permission. Write and execute only

Related Question