# a file and its filename are different!
# permissions are on files, not filenames => control of filenames is left up to the directory
# directories contain filenames (not files!), that themselves refer to files

  file      readable   # may examine file contents
  file      writable   # may alter   file contents
  file      xecutable  # may run     file contents

  directory readable   # may examine directory contents (list filenames in directory)
  directory writable   # may alter   directory contents (remove or rename filenames)
  directory xecutable  # may use     directory as component in pathnames or chdir to that directory

# a read-only file is only protecting data (not its filename) from being changed