For example, on terminal window A,

whoami # root
mkdir /opt/experiment/
chown aristo:aristo /opt/experiment/

Now on another terminal window, B,

su aristo
whoami # aristo
cd /opt/experiment/
touch aaa
# OK aaa is created

On terminal A,

chown root:root /opt/experiment/
chmod 700 /opt/experiment

On terminal B,

whoami #aristo
touch bbb
# OK bbb is created in /opt/experiment/
cd /opt/experiment/
# Gives permission denied
ls -la
# Gives correct listing
# Gives /opt/experiment

But on a new terminal C,

su aristo
whoami # aristo
cd /opt/experiment/
# Gives permission denied

In the above scenario, note that on terminal B user aristo can still access the 
directory even after the permission is set to 700 by root. Can you clarify the 
reason? Is it an expected behavior? If so why? It looks non-intuitive and 
invites unexpected security issues. If it is not intentional then what is the 
reason of this behavior?

Reply via email to