Write but not read permission on a file in linux

linux permissions filesystems

Is it possible to have write but not read permission on a file in Linux? What about execute but not read and write permission?


Solution 1:

Yes, although execute permission without read permission is meaningless on a non-binary file (since you need to read a script to execute it). On a directory, execute without read means you can traverse the directory, but not list it or do anything else with its contents. Consider the following path:

/home/user/foo/bar

If directory foo has mode 0711 (full permission for owner, execute only for group and world), while directory bar has mode 0755 (full permission for owner, read and execute for everyone else), then accounts other than user may cd /home/user/foo/bar and find that bar behaves as any ordinary directory; however, while cd /home/user/foo will work, ls and any other command in that directory will fail due to insufficient permissions (i.e., you can't read the directory to list its contents).

Write permission without read permission on a file does just what it implies: you can write to the file, but you can't read back what you've written. This might be useful in a case where processes under multiple accounts write to a single logfile, but a process belonging to one user must not be able to read the (presumably sensitive) log entries from a process belonging to another user.

Solution 2:

[benji@laptop ~]$ ./hello
Hello world!
[benji@laptop ~]$ chmod 000 hello #no permissions, start out with a clean slate
[benji@laptop ~]$ chmod +x hello #make it executable
[benji@laptop ~]$ cat hello #try to read it, but can't
cat: hello: Permission denied
[benji@laptop ~]$ ./hello #try to run it, it works!
Hello world!
[benji@laptop ~]$

[benji@laptop ~]$ cat hello.sh
#!/usr/bin/bash
echo 'Hello world!'
[benji@laptop ~]$ chmod 000 hello.sh #no permissions, start out with a clean slate
[benji@laptop ~]$ chmod +x hello.sh #make it executable
[benji@laptop ~]$ cat hello.sh #try to read it; FAIL
cat: hello.sh: Permission denied
[benji@laptop ~]$ ./hello.sh #try to run it, but the shell interpreter (bash) cannot read it; FAIL
/usr/bin/bash: ./hello.sh: Permission denied
[benji@laptop ~]$

It is possible to have execute only permissions only if the file is not a shell script; a shell script needs to be read (and therefore needs read permissions) by the shell interpreter. Otherwise, for binary executable files, read permissions are not required; just execute permissions.

[benji@laptop ~]$ echo hello >file
[benji@laptop ~]$ chmod 000 file #no permissions, start out with a clean slate
[benji@laptop ~]$ chmod +w file #write-only permissions
[benji@laptop ~]$ cat file #cannot read it
cat: file: Permission denied
[benji@laptop ~]$ echo hello again >file #but *can* write it

So yes, it is possible to have write but not read permissions on a file.

Solution 3:

The read, write, execute permissions in Unix generically are totally independent.

Unix distinbguishes between user permissions (for the owner of the file), group permissions (for anybpdy belonging to the file's group) and others. The permissions are checked strictly in this order; i.e., if the user tries an access, the user permissions apply, and nothing else is checked; if not the user but belongs to the group, group permissions apply; if none of the above, others permissions apply.

Permissions are shown by ls(1) as rwx thrice (user, group, others). So r-- means read-only, rw- is read-write, and --x is execute only. The command chown(1) is normally fed octal numbers giving the permissions, but you can also use the above notation, i.e., chown u+r,g-x,o=rw somefile means "add r for user, subtract x for group, set r and w exactly for others".

Solution 4:

One way of approaching chmod is to use the chmod math where read=4 write=2 execute=1. the positioning of the number you want goes in the order U=user G=group O=Others the command 'chmod UGO' will set permissions.

If you want user to have full permissions it would be read(4)+write(2)+execute(1)=7

If you want group to have read and execute it would be read(4)+execute(1)=5

If you want other to have no access it would be 0

the command to set those permissions would be: chmod 750 file

Related

x64 Hardware Virtualisation support not detected on Windows 8.1
Remove linux file named with set of shell responsive characters
brother printer firmware update password reset
`Access is denied` when I try to create a directory in Windows Vista . .
NullPointerException : println needs a message in android
vi visual mode doesn't work
When accessing a drive on a computer over the network, why do you use a '$'
Is there a LINQ function for getting the longest string in a list of strings?
How to find out if a CPU has an MMU
How to determine the entropy of a password
HTML 5 input type="number" element for floating point numbers on Chrome
How to force IntelliJ IDEA to show welcome screen again?