Determining User Access on a Linux Filesystem with „Classic Permissions“

„Does User X have Access to File Y?“

In terms of filesystem permissions, the answer to the question „does user X have (whatever) permissions on file Y“ depends on the following conditions:

1. What explicit permissions does X have on Y? Note:

  • If X is owner and group-owner, the owner-permissions are effective.

2. Does X have read- and execute- permissions on every intermediate component of the absolute dereferenced path of Y?

3. Does any component of the absolute path of Y grant write- and execute-permissions to X? Note:

  • If X is neither owner nor group-onwer of the entry contained by the component, and the restricted delegation flag is set on the component, then the component does not grant write permission to the existing entry of X in question, i.e to the following component.

4. If Y is a filetype that supports hard links, tests 2 and 3 have to be performed for every hard link of Y.