On Thu, 2006-01-12 at 07:28 +1030, Tim wrote: > Paul Howarth: > >>> A user other than the owner that is in the same group as the file won't > >>> be able to read it, will they? > > Tim: > >> Argh, double negative logic, and it's 6am... > >> > >> If I create a test file as user and group "tim", then make it mode 404 > >> e.g. -r-----r-- 1 tim tim 5 Jan 12 06:04 permissions.text > >> User "test" in group "test" can read it (I've tested this). > >> > >> Are you saying that they should or shouldn't be able to do so? > > Paul Howarth: > > What about user "test" in group "tim"? > > Same results, as I expected. > User test in group tim should not be able to read the file above (although user test in group test would be able to do so). Because you do not show how you tested this, I just tested the combinations myself with the results below. As you can see, with 4 possible combinations of owner and group permissions, one user is both group and owner, one is group but not owner, and one is neither group or owner Permissions work according to which column the user falls into. The owner gets only the user permissions (group and other ignored). A group member who is not the owner gets only the group permissions (user and other ignored). A user who is neither the owner nor a group member gets only the other permissions (user and group ignored). user test is group test (user aka owner) user test1 is group test (group) user test2 is group test2 (other) The directory where these are located has permissions 755. -------------------- user test1: (group denied) [test1@eagle test]$ ll total 16 -r--r--r-- 1 test test 11 Jan 11 16:43 testfile1 -r-----r-- 1 test test 11 Jan 11 16:43 testfile2 -------r-- 1 test test 11 Jan 11 16:44 testfile3 ----r--r-- 1 test test 11 Jan 11 16:44 testfile4 [test1@eagle test]$ cat testfile* testfile1 cat: testfile2: Permission denied cat: testfile3: Permission denied testfile4 -------------------- User test: (owner denied) [test@eagle ~]$ ll total 16 -r--r--r-- 1 test test 11 Jan 11 16:43 testfile1 -r-----r-- 1 test test 11 Jan 11 16:43 testfile2 -------r-- 1 test test 11 Jan 11 16:44 testfile3 ----r--r-- 1 test test 11 Jan 11 16:44 testfile4 [test@eagle ~]$ cat testfile* testfile1 testfile2 cat: testfile3: Permission denied cat: testfile4: Permission denied -------------------------------------- User test2: (other granted all) [test2@eagle test]$ ll total 16 -r--r--r-- 1 test test 11 Jan 11 16:43 testfile1 -r-----r-- 1 test test 11 Jan 11 16:43 testfile2 -------r-- 1 test test 11 Jan 11 16:44 testfile3 ----r--r-- 1 test test 11 Jan 11 16:44 testfile4 [test2@eagle test]$ cat testfile* testfile1 testfile2 testfile3 testfile4