Originally Posted by Quigi
Even if you have write (and execute!) access to /home, you could not delete /home/fred if it was a directory with anything in it.
I found the best way to 'force teach' myself about file permissions was to bash myself over the head with ftp for a little while.
When you're setting up an ftp server conf file, you don't want to sit there for 30 hours typing out every single command and whether or not user a, b, or c can use those commands in a given directory or tree of directories.
In short... most viewing and reading commands, whatever they may be, fall under LIST (for ftp) which translates to READ (or VIEW) on your operating system. Most write, delete, edit, make new file, make new directory, delete directory, move file, cut and paste file commands fall under WRITE (for ftp) and WRITE (for your os). Executable files are a no-brainer... execute is just EXECUTE.
This is why the chmod string (minus the sticky bit) is really only 3 numbers... 644 for home dirs... 777 for universal access... those 3 numbers correlate to 3 types of permission.
1st number = READ (R)
2nd number = WRITE (W)
3rd number = EXECUTE (X)
If you ever look at a directory in "list" mode instead of "icon" mode, you'll be able to see the file attributes and directory attributes... often they'll be done like this...
fileA .................. -r-w-x
fileB .................. -r----
fileC .................. -r---x
fileD .................. ----x
fileA can be read / written / and executed (that's your 777)
fileB can be read, but not written or executed
fileC can be read and executed but not written, so you can't delete it!
fileD is great too, you can ONLY execute it. Why is this good?
Let's say you're a programmer in a test environment cluster. You've put together a great little script or module or whatever, and you share it with your coworkers before giving it off to the boss. Well, coworker A turns out to be a jerk, and wants to snag your idea by ripping off your code and taking it to the boss first... nope, can't do it, he can execute the file, but he can't read it in a text editor or anything else. Aww... poor lil guy. Of course, root overrides all of this, but unless his buddy is the system admin, then you're safe.
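Added example, not part of the original post: how an octal chmod value shows up in the permission column of a long listing, and what the containing directory means for deletion, as in the quoted /home/fred line. The function names and the scratch files are constructed for this demonstration.

```shell
#!/bin/sh
# Constructed demonstration: everything happens in throwaway temp directories.

# mode_string OCTAL
# Create a scratch file, chmod it, and print the 10-character permission
# column as `ls -l` shows it: file type, then rwx for owner, group, other.
mode_string() {
    d=$(mktemp -d) || return 1
    : > "$d/f"
    chmod "$1" "$d/f"
    ls -ld "$d/f" | cut -c1-10
    rm -rf "$d"
}

# delete_readonly_file
# Removing a name is a change to the directory that holds it, so a file
# with no write bit at all can still be deleted from a writable directory.
delete_readonly_file() {
    d=$(mktemp -d) || return 1
    : > "$d/f"
    chmod 444 "$d/f"
    rm -f "$d/f"
    if [ -e "$d/f" ]; then echo kept; else echo deleted; fi
    rm -rf "$d"
}

# rmdir_nonempty
# The quoted /home/fred case: a directory that still has entries cannot be
# removed until it is emptied, and emptying it is a write to that directory.
rmdir_nonempty() {
    d=$(mktemp -d) || return 1
    mkdir "$d/fred"
    : > "$d/fred/notes"
    if rmdir "$d/fred" 2>/dev/null; then echo removed; else echo refused; fi
    rm -rf "$d"
}

for m in 644 777 400 111; do
    printf '%s -> %s\n' "$m" "$(mode_string "$m")"
done
printf 'read-only file in writable dir: %s\n' "$(delete_readonly_file)"
printf 'rmdir on non-empty dir: %s\n' "$(rmdir_nonempty)"
```

Each octal digit is the sum of r=4, w=2, x=1 for one class of user, in the order owner, group, other.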