- 1Introduction
- 2Classic Permissions
- 3Simultaneous User- and Group-Ownership
- 4Restricted Delegation
- 5Absolute Paths and Path Components
- 6Directory Write-Permissions
- 7Directory Execute-Permissions
- 8Symbolic Links
- 9Hard Links
- 10"Does User X have Access to File Y?"
- 11Observations and Caveats
- 12A Partial Test Procedure
Observations and Caveats
When performing the test procedure as described above on non-directories, the complexity of the test increases in proportion to the number of hard links of a file, not counting in the effort it requires to determine every hard link of the file, which can be significant on large filesystems.
In this article, only the semantics of „classic permissions“ as implemented by the „mode bits“ have been analyzed. Not taken into account have been:
- Attributes that can be assigned with chattr(1),
- extended POSIX-ACLs that can be managed with getfacl(1) and setfacl(1) if the filesystem supports them,
- „bind-mounts“ that can make directories available at different places in the directory system,
- processes running in chroot(2) environments and
- the implications of modified mount namespaces.