Home directory & subdirectory permission cascading


#1

Regarding Enhanced User Security, I’m just trying to understand how apacheuser can still access the web directories:

If /home/me/ is set ‘710’ and apacheuser is in the group, I understand that allusers cannot access any file or subdirectory within.

If /home/me/mywebsite/ is set ‘755’ and apacheuser is not in the group, apacheuser can still access the files because it had execute permission (at the group level) of the higher level directory, is that correct?


#2

Correct. The permissions on each directory in the path apply separately; as long as dhapache is given execute permissions in some form for each directory, that’s sufficient.