Filesystem permissions on Unix
If I have a folder specified as not-readable. Are all folders under it also non-readable? For example, my shared hosting home account directory is not accessible to other accounts, so, are all folders and files that are 0777 under that home account directory non-accessible, too?
Directories have two different read permissions. You have the standard read permission, like you do with files. This stops you from doing an opendir()/readdir() on the directory. This basically stops you from doing an ls in the directory. You can still access subdirectories if you know the name of them. You also have the execute permission, which in the case of directories prevents you from accessing the files inside them. You can not change directory to a directory you don't have execute permission for and you can not access anything under it, but you can still read the contents.
# mkdir -p read/subdirectory
# mkdir -p execute/subdirectory
# chmod o-x execute/
# chmod o-r read
# logout
% ls -ld read/ execute/
drwxr-xr-- 3 root root 4096 2009-10-20 14:43 execute/
drwxr-x--x 3 root root 4096 2009-10-20 14:43 read/
% ls read
ls: cannot open directory read: Permission denied
% ls execute
ls: cannot access execute/subdirectory: Permission denied
subdirectory
% cd read/subdirectory
% cd -
% cd execute/subdirectory
bash: cd: execute/subdirectory: Permission denied
You'll notice that the ls execute
displays an error and the subdirectory. The reason is that ls is allowed to read the execute directory and discover the subdirectory, but ls will stat the subdirectory and get a permission denied there.
The answer is "Yes". If, for example /foo is mode -r-x------
, no one except the owner can read or change into /foo, therefore everything beneath that directory is inaccessible for everybody else, regardless of the permissions.