(other unix folk check my work please…)
Sooo… essentially, the accessing program needs to run with an effective owner or group for which the file to be accessed has read privileges for the designated owner or group. Oh, and if the file has read access for the world, that’ll do it too.
A bit of command shell, you can start one and run these commands without navigating to directories…
The program:
```
ps -eo euser,egroup,comm | grep [name_of_program_you're_interested_in]
```
will tell you what effective owner and group the running program has. Here’s what I get for my program rawproc:
```
glenn@caliente:~$ ps -eo euser,egroup,comm |grep rawproc
glenn glenn rawproc
```
Run this command for darktable and lightzone (these may not be their actual running names; I don’t know, don’t have either available at the moment).
The media:
```
ls -l /media/[your_user_name]
```
will tell you what owner and group each mounted device under your user name has, and what permissions are assigned.
```
glenn@caliente:~$ ls -l /media/glenn
total 17
drwxrwxr-x 18 root root 1024 Jan 14 2014 Storage
drwxr-xr-x 2 glenn glenn 16384 Dec 31 1969 System
```
I stuck a random SD card on my desk into a reader, the above is what I get. Reading ‘drwxr-xr-x’ from left to right, the ‘d’ indicates it’s a directory, and the next three groups of three letters tell me the permissions for the owner, group, and world respectively. This’d tell me that if I ran a program with glenn/glenn as owner and group:
- The rwx for the directory owner would be enough to get to System if the owners matched.
- If the owners didn’t match, the directory’s group permissions of r-x would let me read and run programs from System, but not write to it.
- If both the owners and groups don’t match, then the directory’s world permissions, r-x, would give my program the same access as if the groups matched.
Yeah, a bit complicated, but Windows is worse. And probably no more secure.
If nothing else, post the results here and we can consider it.
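An added example, not part of the original post: a small shell helper that takes one `ls -l` line plus a process's effective user and groups (the two things the commands above report) and prints which permission triplet applies. The function names, the user `alice` and the `locked.txt` line are constructed for illustration; the two directory lines are the ones from the listing above.

```sh
#!/bin/sh
# Added example (hypothetical helper names). Models classic mode bits only:
# ACLs and root's permission override are not handled.

# usage: applicable_perms "<ls -l line>" <euser> "<space-separated groups>"
# prints "<class> <triplet>", for example "owner rwx"
applicable_perms() {
    ap_line=$1 ap_user=$2 ap_groups=$3
    # ls -l fields: mode, link count, owner, group, then size/date/name
    read -r ap_mode ap_links ap_owner ap_group ap_rest <<EOF
$ap_line
EOF
    # The first class that matches is the only one consulted, even when a
    # later class would grant more access.
    if [ "$ap_user" = "$ap_owner" ]; then
        ap_class=owner ap_cols=2-4
    else
        ap_class=world ap_cols=8-10
        for ap_g in $ap_groups; do
            if [ "$ap_g" = "$ap_group" ]; then ap_class=group ap_cols=5-7; fi
        done
    fi
    printf '%s %s\n' "$ap_class" "$(printf '%s\n' "$ap_mode" | cut -c"$ap_cols")"
}

# usage: can_read "<ls -l line>" <euser> "<groups>"   (exit status 0 = readable)
can_read() {
    case $(applicable_perms "$@") in
        *" r"??) return 0 ;;
        *) return 1 ;;
    esac
}

# Directory lines from the post, then one constructed edge case.
storage='drwxrwxr-x 18 root root 1024 Jan 14 2014 Storage'
system='drwxr-xr-x 2 glenn glenn 16384 Dec 31 1969 System'
locked='----r--r-- 1 glenn glenn 0 Jan 1 2020 locked.txt'   # constructed

echo "glenn on System:  $(applicable_perms "$system" glenn glenn)"
echo "glenn on Storage: $(applicable_perms "$storage" glenn glenn)"
# The owner is denied here although group and world may read: owner bits win.
if can_read "$locked" glenn glenn; then echo "glenn reads locked.txt"
else echo "glenn cannot read locked.txt"; fi
if can_read "$locked" alice users; then echo "alice reads locked.txt"; fi
```

To check a live process, feed it the output of `ls -ld` on the mount point and the user and groups reported by `ps -eo euser,egroup,comm`.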