Linux – Clarify something about Linux directory permissions

filesystems, linux, permissions

I'm almost ashamed to admit that there is one thing I am still unsure about when it comes to file permissions.

Let's say I have a directory with 750 permission (drwxr.x…). Then I create some descendant files inside it with a rather common 644 permission (.rw.r..r..).

Can the files in that directory be read by any other user on the system (outside of their owner or group), and why? On the one hand, those files have a world readable bit, so that should indicate the file is readable by anybody. On the other hand, the ascendant directory is not world executable (nor readable) so as long as this prevents access to the directory's contents, the world readable bit on the files would be irrelevant. Is that definitively true or is there any way around this?

Now, I seem to regularly see instances where someone recommends a chmod -R o-rwx or something. One example is in Debian's Maildir directories created by postfix I believe – all files, not just the directory, have had world/group read removed. Is it really necessary to remove that world read bit from the files inside if the directory has no world access? I ask as I'm trying to plan how to set up /var/www on a server and have it not world-readable, i.e. by other local users.

Best Answer

Yes, the files can be read, because they are world readable, but if the directory is not world readable, assuming the user is not in the group owning the directory, the user would need another link to the file. e.g.:

cd directory
ln file /tmp

Now the user can access the file, but will have to do so using /tmp/file.
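
The access check behind this answer, modelled as an added example (not part of the original answer): a path is readable only if every directory on it grants search (x) and the file itself grants read (r), so a hard link in another directory bypasses the 750 directory until the world-read bit is removed from the file. The names `can_read` and `demo` are hypothetical, the tree is constructed in a temporary directory, and the model assumes classic mode bits only (no ACLs, no root or capability overrides).

```python
import os
import tempfile

def _allowed(st, uid, gids, want):
    """Classic Unix check: exactly one of owner/group/other applies."""
    if uid == st.st_uid:
        bits = st.st_mode >> 6
    elif st.st_gid in gids:
        bits = st.st_mode >> 3
    else:
        bits = st.st_mode
    return (bits & want) == want

def can_read(base, relpath, uid, gids):
    """Would uid/gids be able to open base/relpath for reading?
    Requires x (1) on each directory below base, then r (4) on the file."""
    cur = base
    parts = relpath.split("/")
    for name in parts[:-1]:
        cur = os.path.join(cur, name)
        if not _allowed(os.stat(cur), uid, gids, 1):
            return False
    return _allowed(os.stat(os.path.join(cur, parts[-1])), uid, gids, 4)

def demo():
    """Build the tree from the question and evaluate it for an unrelated user."""
    with tempfile.TemporaryDirectory() as base:
        private = os.path.join(base, "directory")   # the 750 directory
        public = os.path.join(base, "tmp")          # stands in for /tmp
        os.mkdir(private); os.chmod(private, 0o750)
        os.mkdir(public); os.chmod(public, 0o1777)
        target = os.path.join(private, "file")
        with open(target, "w") as fh:
            fh.write("constructed sample content\n")
        os.chmod(target, 0o644)
        os.link(target, os.path.join(public, "file"))  # second name, same inode

        # A uid/gid that is neither the owner nor in the owning group.
        st, dst = os.stat(target), os.stat(private)
        uid, gids = st.st_uid + 1, {max(st.st_gid, dst.st_gid) + 1}

        result = {
            "via_directory": can_read(base, "directory/file", uid, gids),
            "via_link": can_read(base, "tmp/file", uid, gids),
        }
        os.chmod(target, 0o640)  # what chmod o-rwx does to the file
        result["via_link_after_chmod"] = can_read(base, "tmp/file", uid, gids)
        return result

if __name__ == "__main__":
    print(demo())
```

Because both names point at the same inode, removing the world-read bit through either path closes both.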