Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Why do you grant execute permission to files as well as directories?

nwolg
nwolg February 16, 2022

Hello.

https://ja.confluence.atlassian.com/confkb/how-to-set-file-system-permissions-for-confluence-986879252.html

sudo chmod -R u=rwx,g=rx,o=rx <confluence-install-folder>
sudo chmod -R u=rwx,g=rx,o=rx <confluence-home-folder>

I think reading that document, it looks like you are granting execute permission to all files.
When executing an application, it is sufficient for the file to have reference permissions, but why grant execution permissions?
It would be great if you could tell me why.

Thank you.

Answer
Watch
Like Be the first to like this
1835 views

2 answers

0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 16, 2022

Because most of the install is executable files so they need permission to run, and so are bits of the data, and the executable permission also grants access to directories.

View More Comments
nwolg
nwolg February 16, 2022

I understand the need for execution permissions to be granted to directories.
However, I don't understand why the -R option should grant execute permission to all files in that directory migration.
Does README.txt or server.xml need to have execute permission?

Like
nwolg
nwolg February 16, 2022

I do not understand the need for the "-R" option in that command.
I think the scope of influence is too large.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 16, 2022

I think it is important to understand what that doc is about - it's giving you a quick fix for permissions after you've messed up your installation by messing with file permissions (either by running as the wrong user or making unneccesary changes to them directly)

Could you explain why you are hung up on execute permissions for non-executable files?  

Like
nwolg
nwolg February 16, 2022

The reason why I insist on execute permissions is because I don't think that having unnecessary execute permissions is a good choice for security. In fact, I think it's a bad choice.
I think the basic rule is that only the file to be executed should have execute permission.

However, if the document is to fix a broken environment after installation, then I understand.
It may indeed be one way to quickly fix a broken environment.

Thank you very much.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 16, 2022

But why?

Let's say I write a text file with "make me a sandwich" as the body, and save it as "mmas.txt" on a file system.

What is the security risk?

Like
Reply
0 votes
Pramodh M
Pramodh M
Community Champion
February 16, 2022

Hi @nwolg 

Script files, class files are present which are necessary to start the application in the installation folder require execute permission. This is the reason execute permission is provided to the installation directory

(Example: start-confluence.sh)

I found a helpful article here to know why we need execute permission to home directory

https://unix.stackexchange.com/questions/21251/execute-vs-read-bit-how-do-directory-permissions-in-linux-work

Thanks

View More Comments
nwolg
nwolg February 16, 2022

I understand the need for execution permissions to be granted to directories.
However, I don't understand that the -R option requires that all files in that directory migration be granted execution rights.
Does README.txt or server.xml need to have execute permission?
Shouldn't they be the only files that need execute permission?

Like
nwolg
nwolg February 16, 2022

Note that if you use the installer, the ".sh" file will have been given execution permissions beforehand.
I don't understand why you would dare to grant execution permission to any other file.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security