> I'm sorry I don't understand the connection between executable
> and browsable. To me browsable means readable, NO? /mc can certainly
No .. no exactly.
But I agree, people have largely forgotten the difference, and
it's not clear if the distinction is currently correctly implemented.
If a directory is browsable "x", then you can ls -l on any *named*
directory entry, i.e. "ls -l dir/foo", but can't do "ls -l dir".
For the latter the directory must be readable "r".
OTOH, if it's +r only, then you can't cd into it. It needs to be
+x for that, but you won't be able to see anything when you're in it
unless you know what you're looking for.
Think of the directory as a file with a list of filenames.
Quote:> be read by root.
> I have no idea what permissions "nobody" runs with. How do I tell?
nobody *runs with* permissions of any kind. Nobody in particular has
none! But people do *have* permissions depending on what groups they're
Quote:> And are you saying that /var/spool/cron/crontabs/nobody runs with
> user "nobody" permissions rather than with root permissions?
Of course. It runs as nobody.
Quote:> _M> Perhaps because you made the directory /mc not executable (browsable)
> _M> by _anyone_ including the owner? Also, does "nobody" have root
> _M> permission?
I'm not sure what he meant by the last sentence. Perhaps he was
asking if nobody is a member of wheel ;-), or if the cronjob runs
a setuid root executable. Probably the latter.