Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84 SMI; site sun.uucp
Path: utzoo!watmath!clyde!burl!ulysses!ucbvax!decvax!decwrl!sun!guy
From: guy@sun.uucp (Guy Harris)
Newsgroups: net.unix
Subject: Re: inconsistency on read/execute permissions for shell procedures
Message-ID: <2395@sun.uucp>
Date: Mon, 8-Jul-85 06:30:31 EDT
Article-I.D.: sun.2395
Posted: Mon Jul  8 06:30:31 1985
Date-Received: Thu, 11-Jul-85 00:21:49 EDT
References: <761@wanginst.UUCP>
Distribution: net
Organization: Sun Microsystems, Inc.
Lines: 14

Programs and other executable files are not really equivalent; the UNIX
documentation over-simplifies.  The UNIX kernel does the "reading" of
programs (it reads them into a process' address space and then hands control
to the code it read in), and since the kernel is not subject to regular UNIX
permission checking (it enforces those permissions, but since it has the
skeleton key it can open any door it wants to) it can read the file's
contents even if the user doesn't have read permission.  All other
executable files are read by some interpreter which runs in user mode, and
which is therefore subject to UNIX's standard permissions checking.  Because
of that, you can't have an executable file other than a program which can be
executed by a user but not read by that user (unless you modify the
interpreter to run set-UID root and to do its own permission checking).

	Guy Harris
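
An added example, not part of the original post: a small audit that finds files which are executable but not readable by "other" and reports which ones can still be run, following the kernel-versus-interpreter distinction described above. It assumes native programs start with the ELF magic number (a format newer than the post); the function names and the sample files are constructed for illustration.

```python
import os
import stat
import tempfile

ELF_MAGIC = b"\x7fELF"  # assumption: native programs are ELF, as on current Linux/BSD


def classify(path):
    """Classify a file from the viewpoint of a user covered by the 'other' bits."""
    mode = os.stat(path).st_mode
    if not stat.S_ISREG(mode) or not mode & stat.S_IXOTH:
        return "not-executable"
    if mode & stat.S_IROTH:
        return "read-execute"
    # Execute-only: the auditor (owner or root) reads the first bytes.
    with open(path, "rb") as fh:
        head = fh.read(4)
    if head == ELF_MAGIC:
        # The kernel maps the image itself, so exec works without read access.
        return "exec-only-binary"
    # A user-mode interpreter must open() the file with the caller's credentials.
    return "exec-only-script"


def audit(directory):
    """Return {name: classification} for the execute-only files in directory."""
    kinds = {n: classify(os.path.join(directory, n)) for n in os.listdir(directory)}
    return {n: k for n, k in kinds.items() if k.startswith("exec-only")}


def build_sample_tree():
    """Constructed sample input: one fake ELF header and two scripts."""
    root = tempfile.mkdtemp(prefix="xonly-")
    samples = {
        "prog": (ELF_MAGIC + b"\x02\x01\x01\x00", 0o711),
        "hidden.sh": (b"#!/bin/sh\necho secret\n", 0o711),
        "normal.sh": (b"#!/bin/sh\necho hello\n", 0o755),
    }
    for name, (data, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)
    return root


if __name__ == "__main__":
    for name, kind in sorted(audit(build_sample_tree()).items()):
        print(f"{name}: {kind}")
```

Files reported as exec-only-script will fail with a permission error for those users, so either the read bit has to be granted or the logic moved into a compiled program.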