|
ECS Home Automation and Security Archives |
learn more
| view messages for this
month | NetBloc® | terms of use | search
subject (prev) or (next) |
time (prev) or (next) |
author (prev) or (next) |
view more subjects
Subject:
From:
Date: | Re: [ecs] Fwd: need help w linux issue
Kevin Keane
Thu, 20 Sep 2007 17:30:44 -0700 |
Um.... No.
The X bit on a directory means something completely different. It's a
bit confusing, actually, because the same bit means such different
things for directories as for files.
X on a directory means that you can cd to that directory. There are a
few other things you can't do without the X bit on a directory.
Normally, ALL directories should always have the X bit set in Linux.
What Mark is seeing is related to a completely separate layer of
security. You can tell Linux not to execute anything from, say, a thumb
drive no matter what the execute bits say. I believe Windows actually
has a similar setting somewhere. It is more akin to antivirus software
intercepting a .EXE even though it has the right extension and file format.
This is configured on the mount point level. It may come from various
places: /etc/fstab (unlikely for a USB drive), /etc/auto.master and
/etc/auto.misc, or the hotplug mechanism (can't remember offhand where
those config files are).
Neil Cherry wrote:
> Mark Gilmore wrote:
>> hi neil,
>> the execute bits *are* set.
>
> But that doesn't mean you can execute it. Really it has more to
> do with the mount point. Instead of joking around I'll explain
> better below.
>
>> it appears that the mount access settings differ from that of the
>> directory being mounted.
>> *very* weird.
>
> Actually very normal for Unix. Here's an example:
>
> $ mkdir -p a/b/c # This makes all 3 dirs with drwxrwxr-x
> $ cp bin/ansi.color.sh a/b/c/
> $ ls -l bin/ansi.color.sh a/b/c/
> -rwxrwxrwx 1 njc njc 1123 Nov 5 2006 bin/ansi.color.sh
>
> a/b/c/:
> total 4
> -rwxrwxr-x 1 njc njc 1123 Sep 20 18:52 ansi.color.sh
> $ chmod a-x a/b # Turn off the execute permissions to everyone
> $ ./a/b/c/ansi.color.sh
> -bash: ./a/b/c/ansi.color.sh: Permission denied
> $ bin/ansi.color.sh
> ----------------------------------------------------------------
> ESC[0;Foreground;Background -
> :
> :
>
> Then the rest of my shell script output. Basically if the
> permissions aren't set at the lower levels then the program
> can't be executed. In this case the noexec tells mount not to
> set the execute bits at the mount point. Actually my description
> is a bit abbreviated as the whole permission thing is a lot more
> complex and I don't understand all the details.
>
subject (prev) or (next) |
time (prev) or (next) |
author (prev) or (next) |
view more subjects