How to check in Perl if the file permission is greater than 755?

Question

For a unix file, I want to know if Group or World has write permission on the file.

I've been thinking on these lines:

my $fpath   = "orion.properties";
my $info    = stat($fpath) ;
my $retMode = $info->mode;
$retMode = $retMode & 0777;

if(($retMode & 006)) {
  # Code comes here if World has r/w/x on the file
} 

Thanks.

Answer 1

You are close with your proposal - the usage of stat is a little off (but on second thoughts, you must be using File::stat; it helps if your code is complete), the mask constant is faulty, and the comment leaves somewhat to be desired:

use strict;
use warnings;
use File::stat;

my $fpath   = "orion.properties";
my $info    = stat($fpath);
my $retMode = $info->mode;
$retMode = $retMode & 0777;

if ($retMode & 002) {
    # Code comes here if World has write permission on the file
}     
if ($retMode & 020) {
    # Code comes here if Group has write permission on the file
}
if ($retMode & 022) {
    # Code comes here if Group or World (or both) has write permission on the file
}
if ($retMode & 007) {
    # Code comes here if World has read, write *or* execute permission on the file
} 
if ($retMode & 006) {
    # Code comes here if World has read or write permission on the file
} 
if (($retMode & 007) == 007) {
    # Code comes here if World has read, write *and* execute permission on the file
} 
if (($retMode & 006) == 006) {
    # Code comes here if World has read *and* write permission on the file
}
if (($retMode & 022) == 022) {
    # Code comes here if Group *and* World both have write permission on the file
}

---

The terminology in the question title 'How to check in Perl if the file permission is greater than 755? i.e. Group/World has write permission' is a little suspect.

The file might have permissions 022 (or, more plausibly, 622), and that would include group and world write permission, but neither value can reasonably be claimed to be 'greater than 755'.

A set of concepts that I've found useful is:

• Set bits - bits in the permissions field that must be 1.
• Reset bits - bits in the permissions field that must be 0.
• Don't care bits - bits that can be set or reset.

For example, for a data file, I might require:

• Set 0644 (owner can read and write; group and other can read).
• Reset 0133 (owner cannot execute - it is a data file; group and other cannot write or execute).

More likely, for a data file, I might require:

• Set 0400 (owner must be able to read).
• Reset 0133 (no-one can execute; group and other cannot write).
• Don't care 0244 (does not matter whether the owner can write; does not matter whether group or others can read).

Directories are slightly different: execute permission means that you can make the directory your current directory, or access files in the directory if you know their name, while read permission means you can find out what files are in the directory, but you can't access them without execute permission too. Hence, you might have:

• Set 0500 (owner must be able to read and use files in the directory).
• Reset 0022 (group and others must not be able to modify the directory - delete or add files).
• Don't care 0255 (don't care whether user can create files; don't care whether group or other can list or use files).

Note that the set and reset bits must be disjoint (($set & $rst) == 0)), the sum of the bits will always be 0777; the "don't care" bits can be computed from 0777 & ~($set | $rst).