File Permissions – Valid Use Case for Execute Only File Permission

chmodexecutablefilespermissions

I was reading up on chmod and its octal modes. I saw that 1 is execute only. What is a valid use case for an execute only permission? To execute a file, one typically would want read and execute permission.

$ echo 'echo foo' > say_foo
$ chmod 100 ./say_foo
$ ./say_foo
bash: ./say_foo: Permission denied
$ chmod 500 ./say_foo
$ ./say_foo
foo

Best Answer

Shell scripts require the read permission to be executed, but binary files do not:

$ cat hello.cpp
#include<iostream>

int main() {
    std::cout << "Hello, world!" << std::endl;
    return 0;
}
$ g++ -o hello hello.cpp
$ chmod 100 hello
$ ./hello
Hello, world!
$ file hello
hello: executable, regular file, no read permission

Displaying the contents of a file and executing them are two different things. With shell scripts, these things are related because they are "executed" by "reading" them into a new shell (or the current one), if you'll forgive the simplification. This is why you need to be able to read them. Binaries don't use that mechanism.

For directories, the execute permission is a little different; it means you can do things to files within that directory (e. g. read or execute them). So let's say you have a set of tools in /tools that you want people to be able to use, but only if they know about them. chmod 711 /tools. Then executable things in /tools can be run explicitly (e. g. /tools/mytool), but ls /tools/ will be denied. Similarly, documents could be stored in /private-docs which could be read if and only if the file names are known.

Best Answer

Related Solutions

Shell Script Permissions – Can a Script Be Executable but Not Readable?

Is it possible to represent the +X symbolic permission with an octal value

Related Question