I'm guessing the proper way is to not propagate both up and down. So in the case of a user granting access to other user to a file stored in /foo/bar/x Those permissions won't propagate upwards and the user or the application should manage that, or he may be able to see the content of x, but not navigate through /foo/bar/ tho it may be unexpected.