Basic Security question about directory path

["John Earl" <john.earl () powertech com>]

This seems like a very basic security question, and I _believe_ I
already know the answer, but I am in a debate with a large software
company about what is the correct security requirement for a path
prefix, so I'm looking for second opinions...

The question is this;  In a standard Unix (or POSIX really) setup, what
authority does a user require to traverse a directory path in order to
read a file from a subdirectory?

For example, if user "FRED" wishes to read file "myfile"
from location "/dir1/dir2/" (so that the full path name is
(/dir1/dir2/myfile"), should user "FRED" need just "x" access to the
root and "dir1" or should user FRED need "rx" access to the root and
"dir1".  The goal is both to read the contents of "myfile", but also to
give the user the lowest amount of authority necessary to complete the
task.

Any insight you have on this would be greatly appreciated.

Thank You,


jte


--
John Earl 
The PowerTech Group
Seattle, WA 
www.powertech.com 
 

 
This email message and any attachments are intended only for the use of
the intended recipients and may contain information that is privileged
and confidential. If you are not the intended recipient, any
dissemination, distribution, or copying is strictly prohibited. If you
received this email message in error, please immediately notify the
sender by replying to this email message, or by telephone, and delete
the message from your email system.
--