目录权限测试
创建普通用户falcon本次操作在falcon家目录下执行,test目录中默认文件644,目录755
# pwd
/home/falcon/test
#ll
total 4
d--------- 3 rootroot 4096 Feb 25 22:33 test
# ll
total 12
drwxr-xr-x 2 daemondaemon 4096 Feb 25 22:32 one
-rw-r--r-- 1 daemon daemon 4 Feb 25 22:33 three
-rw-r--r-- 1 daemon daemon 4 Feb 25 22:32 two
为什么权限设置默认主目录755,root.root;里面daemon.daemon目录755,文件644
#ll
total 4
drwxr-xr-x 6 rootroot 4096 Feb 25 23:13 test
$ll
drwxr-xr-x 2 daemondaemon 4096 Feb 25 22:32 one
-rw-r--r-- 1 daemondaemon 4 Feb 25 23:13 three
$echo fafa >>three
-bash: three:Permission denied
$ mkdir eight
mkdir: cannot createdirectory `eight': Permission denied
$touchnight
touch: cannot touch`night': Permission denied
$rm -f three
rm: cannot remove`three': Permission denied
无法修改文件,无法创建文件目录,无法删除文件
结论:安全
目录权限000
$ cdtest/
-bash: cd: test/:Permission denied
$echo "fafa">>sh
-bash: sh:Permission denied
$sh four
sh: four: Permissiondenied
$cat four
cat: four:Permission denied
$mkdir seven
mkdir: cannot createdirectory `seven': Permission denied
$touch seven
touch: cannot touch`seven': Permission denied
什么都干不了
目录权限001
#chmod 001 test;ll
total 4
d--------x 3 rootroot 4096 Feb 25 22:33 test
$ll
ls: .: Permissiondenied
$mkdir seven
mkdir: cannot createdirectory `seven': Permission denied
$touch eight
touch: cannot touch`eight': Permission denied
$cat four
11111
$sh sh
two
$echo "fafa">>sh
-bash: sh:Permission denied
无法查看目录列表,无法修改文件,无法删除文件,只能查看已知文件
目录权限003
$ll
ls: .: Permissiondenied
$echo 2222>>sh
-bash: sh:Permission denied
$mkdir falcon
$touch four
$
无法查看目录列表,可以创建文件,目录,但是无法修改已有文件
目录权限005
$ll
drwxrwxr-x 2 falconfalcon 4096 Feb 25 22:59 falcon
-rw-r--r-- 1root root 0 Feb 25 22:53 five
-rw-rw-r-- 1 falconfalcon 6 Feb 25 22:59 four
drwxr-xr-x 2 daemondaemon 4096 Feb 25 22:32 one
-rw-r--r-- 1 daemondaemon 23 Feb 25 22:50 sh
drwxrwxr-x 3 falconfalcon 4096 Feb 25 23:02 six
$echo 222 >> sh
-bash: sh:Permission denied
$touchsh2
touch: cannot touch`sh2': Permission denied
$mkdir sh2
mkdir: cannot createdirectory `sh2': Permission denied
$cat sh
#!/bin/bash
echo "two"
可以查看目录,文件,但无法修改
目录权限007
$echo eeee >>three
-bash: three:Permission denied
无法修改已有文件
结论其他组w权限可以可以创建文件,目录,危险
下面为反向测试。如果给了不该给的权限会造成什么后果
目录权限022
$ rm -f three
rm:cannot remove `three': Permission denied
$ ll
ls: .:Permission denied
$ ll
ls: .:Permission denied
$ mkdir touch
mkdir:cannot create directory `touch': Permission denied
$ touch v
touch:cannot touch `v': Permission denied
$ rm -f four
rm:cannot remove `four': Permission denied
$ rm -fr six
rm:cannot lstat `six': Permission denied
只具有2的权限还算安全
目录权限023
$ echo 111 >> v
$ rm -f three
$ echo 222 >>four
-bash:four: Permission denied
$ ll
ls: .:Permission denied
无法查看目录,无法修改文件,但是可以创建文件
# ll
-rw-rw-r--1 falcon falcon 4 Feb 25 23:25 v
$ cat sh
#!/bin/bash
echo"222"
$ sh sh
222
结论:wr必须在一起才有用处,虽然无法修改已有文件,但已经可以往里面插入文件了,并执行文件
所以。其他组拥有w权限危险
页:
[1]