For example, consider a file with protection mode 644 (octal) contained in a directory with protection mode 730. How might the file be compromised in this case? What are the limitations?

Archivo: 110100100 (propietario, grupo, otro: rw - r- - r--)

Directorio: 111 011 000 (propietario, grupo, otro: rwx - wx - --)

Explanation:

Directory permissions are critical. Since group members can access directory ('x') and can modify directory ('w'), even though they can't list directory (not 'r'), it means that if a group member knows the name of the file, that person can also delete it because deleting a file requires permission to write to the directory: file permissions are irrelevant (although commands like 'rm' warn you when you don't have write permission to the file directory, that's a courtesy, because it doesn't matter to the system call 'unlink () ').

Therefore, a member of your group (or, more precisely, a member of the group to which the directory belongs) can delete the file if you know its name. They can also read the file if they know its name, and can create a file with the same name if the original is already missing. Based on the file permissions, being able to read the file is not a compromise - you would have denied group read access (and public read access) if that mattered.