If a file has permissions -rwx-wx-wx, can it be read by other and group users, or can it only be executed and written? Is there some way to read an executable file by executing it?
A file with -rwx-wx-wx permissions has read/write/execute permissions for the owner, and write/execute (but not read) permissions for everyone else.
If it's a script (usually a text file with a #! on the first line), then it can't be executed by others, because executing a script really executes the interpreter, which must be able to read the script. (The interpreter must be a binary, not another script.) (Actually, that's not true for all systems; Ubuntu, with a 3.2.0 Linux kernel, allows the interpreter itself to be an interpreted script. There seems to be a limit of about 4 levels. That's not likely to be relevant to this question.)
If it's a binary executable, it can be executed directly, but its contents can't be read. This means, for example, that someone other than the owner can run it as a command, but can't grab a copy of the executable.
Of course execution requires reading, but it's read by the kernel, not by the user. You might be able to get some information about the contents of the executable by examining the memory of the process as it's running, but I doubt that you could reconstruct the binary executable file. And if the executable is setuid, you can't examine the memory of the process (unless you have access to the account under which it's executing).
Incidentally, -rwx-wx-wx is a very odd set of permissions; it protects the file from being read by anyone other than the owner, but allows anyone to modify it. I can't think of a case where that would make sense.
With those permissions, only the owner of the file can execute it.
Other users can write to it, but not execute it (as execution in this case implies being able to read it) but they can write to it as a sort of black box:
The simple answer is no: only the exec syscall may read a file without requiring read access (although mandating execute access). An open with O_RDONLY or O_RDWR shall fail.
Of course any file can be read by the root user.
Also, the system loader, memory management, swapper, etc. will read a file with 'x' permission, otherwise it could not be executed.
Possible holes in disclosing executable contents could be the /proc file for the process, core files, or by using a debugger.
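The difference between a binary and a #! script that the answers describe can be checked directly. The script below is an added example, not code from any of the answers; it assumes /bin/true or /usr/bin/true exists and an exec-capable temp directory, and it tests mode 0300 as the file's owner (the owner bits are checked the same way the group/other bits would be for other users). The function names and temp paths are made up for the demo.

```shell
#!/bin/sh
# Added demo: what mode 0300 (-wx------) lets the file's owner do.
# All paths and function names here are constructed for the example.

# probe FILE -> prints "read=<ok|denied> write=<ok|denied> exec=<ok|failed>"
probe() {
    r=denied; w=denied; x=failed
    cat "$1" >/dev/null 2>&1 && r=ok       # open(2) with O_RDONLY
    ( : >>"$1" ) 2>/dev/null && w=ok       # open for append; writes nothing
    "$1" >/dev/null 2>&1 && x=ok           # execve(2)
    echo "read=$r write=$w exec=$x"
}

demo_exec_only() {
    dir=$(mktemp -d) || return 1
    for src in /bin/true /usr/bin/true; do [ -x "$src" ] && break; done
    # Keep the name "true": multi-call binaries dispatch on argv[0].
    cp "$src" "$dir/true" || return 1
    printf '#!/bin/sh\nexit 0\n' >"$dir/script"
    chmod 0300 "$dir/true" "$dir/script"
    echo "binary: $(probe "$dir/true")"
    echo "script: $(probe "$dir/script")"
    rm -rf "$dir"
}

demo_exec_only
```

Run as root, both files report read=ok, because root bypasses the permission check.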