On Fri, Apr 28, 2023 at 08:20:37PM +0200, [email protected] wrote: > On Fri, Apr 28, 2023 at 01:28:11PM -0400, Greg Wooledge wrote: > > On Fri, Apr 28, 2023 at 07:06:17PM +0200, Maurizio Caloro wrote: > > > f: /var/lib/rancid/routers/configs > > > drwxr-xr-x root root / > > > drwxr-xr-x root root var > > > drwxr-xr-x root root lib > > > drwxr-xr-x rancid rancid rancid > > > drwxr-x--- rancid rancid routers > > > drwxr-x--- rancid rancid configs > > > > The last two directories are missing world +x permission. This means > > the web server process can't touch them -- can't enter them, can't > > open files within them, etc. > > [...] > > I guess they need read permission too?
Only if the web server process needs to generate a directory listing. If it knows the file name in advance, read permission isn't needed -- just execute. > And the file itself, c3560, also needs read permissions. > We don't know that, yet :) Yes, assuming the intent is to deliver the file's content, it'll need read permission on the file itself.
