inconsistency on read/execute permissions for shell procedures

Guy Harris guy at sun.uucp
Mon Jul 8 20:30:31 AEST 1985


Programs and other executable files are not really equivalent; the UNIX
documentation over-simplifies.  The UNIX kernel does the "reading" of
programs (it reads them into a process' address space and then hands control
to the code it read in), and since the kernel is not subject to regular UNIX
permission checking (it enforces those permissions, but since it has the
skeleton key it can open any door it wants to) it can read the file's
contents even if the user doesn't have read permission.  All other
executable files are read by some interpreter which runs in user mode, and
which is therefore subject to UNIX's standard permissions checking.  Because
of that, you can't have an executable file other than a program which can be
executed by a user but not read by that user (unless you modify the
interpreter to run set-UID root and to do its own permission checking).

	Guy Harris
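
An audit sketch for the situation described in this message, added here as an example and not part of the original post: it lists interpreter scripts whose mode grants execute without read to some permission class, which that class will be unable to run. The function names and the sample files are assumptions made for the example; only scripts that begin with `#!` are recognised.

```shell
#!/bin/sh
# Added example (not from the original post). Lists interpreter scripts
# that some permission class may execute but not read.

# exec_only_scripts DIR
# Run as a user who can read the files (owner or root); a file the
# auditor cannot read is skipped because its first bytes are unavailable.
exec_only_scripts() {
    find "$1" -type f \( \
        \( -perm -100 ! -perm -400 \) -o \
        \( -perm -010 ! -perm -040 \) -o \
        \( -perm -001 ! -perm -004 \) \) -print |
    while IFS= read -r f; do
        # The first two bytes "#!" mark a file that is handed to a
        # user-mode interpreter, which must then open and read it.
        magic=$(dd if="$f" bs=2 count=1 2>/dev/null | od -An -c | tr -d ' \n')
        if [ "$magic" = '#!' ]; then
            printf '%s\n' "$f"
        fi
    done
}

# make_samples DIR: constructed sample files for the demonstration.
make_samples() {
    printf '#!/bin/sh\necho hello\n' > "$1/exec_only.sh"   # script, mode 711
    printf '#!/bin/sh\necho hello\n' > "$1/readable.sh"    # script, mode 755
    printf '\177ELF-placeholder\n'   > "$1/fake_binary"    # not a script, mode 711
    chmod 711 "$1/exec_only.sh" "$1/fake_binary"
    chmod 755 "$1/readable.sh"
}

# demo: build the samples in a temporary directory and print the findings
# as names relative to that directory.
demo() {
    d=$(mktemp -d) || return 1
    make_samples "$d"
    exec_only_scripts "$d" | sed "s|^$d/||"
    rm -rf "$d"
}

demo   # prints: exec_only.sh
```

The mode-711 file without a `#!` line matches the permission test but is filtered out, since a program loaded by the kernel does not need to be readable by the user running it.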


