I noticed one system has 700 while another had 710 on the /home/[USER] directory. However, the files and directories inside the user home have varying permissions, generally much more permissive, such as 775.
If I recall correctly, 700 for a directory prevents searching inside it by other users but allows access to files/directories inside if the exact path is known and its permissions allow it. Is that correct?
What permissions are recommended? Would recursively setting everything inside the user home to 700 be likely to break anything?
These are single user systems so it’s not a big worry, but I’m trying to trim unnecessary privileges and consider best practices.
Thanks. I was confusing 700 with the effects of 701.
For Directories
read : means you have access to list the files in a directory. You may not have access to do anything with them, but you can at least see their names, sizes, permissions, etc.
write : means you have access to change the list of files in a directory. That is, you can create files, delete them, rename them, etc. You may not be able to open (read or write) any existing files, but you can modify the list.
execute : means you can access the files or directories inside the directory as long as you know the name and have the appropriate permissions on the child file or dir. You can use the directory, but you don’t have permission to modify or see the list of files.
What is the significance of group and other permissions when the parent directory has 700?
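An added example, not part of the thread: a small shell audit that shows why permissive bits on a file inside the home directory do not matter to other users while a directory above it lacks the "other" execute (search) bit. The function names `mode_of` and `other_reach` are hypothetical, and the check assumes classic mode bits only (no ACLs, no group class, no root).

```shell
#!/bin/sh
# Added example: classify what the "other" class can reach, using only the
# classic mode bits of the directories above a file (ACLs and root ignored).

# Print the 10-character mode string of a path, e.g. drwx-----x
mode_of() {
    ls -ld -- "$1" | cut -c1-10
}

# other_reach TOP TARGET
# Checks every directory from TARGET's parent up to TOP (inclusive), prints:
#   blocked  - a directory on the way lacks o+x; TARGET's own bits are moot
#   by-name  - all directories have o+x, but the parent lacks o+r,
#              so TARGET is reachable only if its name is already known
#   listed   - the parent has o+r and o+x, so the name can be listed as well
other_reach() {
    top=$(cd -- "$1" && pwd -P) || return 2
    dir=$(cd -- "$(dirname -- "$2")" && pwd -P) || return 2
    parent_mode=$(mode_of "$dir")
    while :; do
        m=$(mode_of "$dir")
        case "$(printf '%s' "$m" | cut -c10)" in
            x|t) ;;                        # others may search this directory
            *) echo blocked; return 0 ;;   # e.g. 700 or 710
        esac
        [ "$dir" = "$top" ] && break
        [ "$dir" = "/" ] && break          # TARGET was not under TOP
        dir=$(dirname -- "$dir")
    done
    case "$(printf '%s' "$parent_mode" | cut -c8)" in
        r) echo listed ;;                  # e.g. 755
        *) echo by-name ;;                 # e.g. 701 or 711
    esac
}
```

Run it as `other_reach "$HOME" "$HOME/some/file"` to see which of the three cases applies to a given file.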