Shared library permissions

Matthew Burgess matthew at
Mon Aug 22 12:39:54 PDT 2005

Hi folks.

Does anyone know why shared libraries need the execute bit set on them? 
  My most recent build (gcc4-based) has most[1] *.so files installed 
with 755 permissions.  As it's so consistent, I'm assuming there is a 
reason for them to be executable.  Thanks to Tarek Ghaleb and Andrew 
Benton for highlighting the issue [2]. states: "On HP, 
shared libraries need to have r-x permissions (no write).  On other
Unixes, shared libraries do not need execute permission." backs up the HP-UX side 
of that, which is hardly useful in our case!

I think that hints 
that the execute bit should be kept around even though it has no effect 
on x86 systems. states 
"Classically, *all* shared objects, dlopen()ed or not, required execute
permission, because that permission was used to govern whether mmap()ed
pages could be marked executable."  This links in to Drepper's DSO Howto 
which also mentions mmap()ed pages and

So, after all that, there's lots of anecdotal evidence that we should 
retain the execute permissions on shared libs, but nothing conclusive 
that it's *required* on modern Linux systems.  Can someone with far 
better googling skills (or just plain technical knowledge) be so good as 
to enlighten me, please?



[1] Exceptions being: /lib/ (555), /usr/lib/ 
(644), /usr/lib/ (644), /usr/lib/ 
(644), and Perl's modules (555)


More information about the lfs-dev mailing list