SCAR-iT/LWM-Linux

Fork 0

ganome 6557698228

Sanitize Chapter 5

2024-09-05 17:16:13 -06:00

4.5 KiB

Raw Blame History

Understanding File Permissions in Linux

1. Introduction to File Permissions

In Linux, file permissions are a crucial aspect of system security and user access control. They determine who can read, write, or execute files and directories. Understanding file permissions is essential for system administrators and users alike.

2. Basic Concepts

Users and Groups

Every file and directory in Linux is owned by a user and associated with a group. There are three types of users:

Owner: The user who created or owns the file
Group: Users belonging to the file's group
Others: All other users on the system

Permission Types

There are three basic permission types: a) Read (r): Allows viewing the contents of a file or listing the contents of a directory b) Write (w): Allows modifying a file or creating/deleting files within a directory c) Execute (x): Allows running a file as a program or accessing a directory

3. Viewing File Permissions

To view file permissions, use the ls -l command. The output will look like this:

-rwxrw-r-- 1 user group 4096 Jul 22 10:00 example.txt

Let's break down this information:

First character: File type (- for regular file, d for directory)
Next 9 characters: Permissions for owner, group, and others
User name and group names
File size in bytes
Last modification date and time
File name

4. Understanding Permission Notation

Symbolic Notation

Permissions are represented by 9 characters, grouped into three sets of three:

First set: Owner permissions (rwx)
Second set: Group permissions (rwx)
Third set: Others permissions (rwx)

Each set uses 'r' for read, 'w' for write, and 'x' for execute. A hyphen (-) indicates the absence of that permission.

Numeric Notation

Permissions can also be represented numerically:

Read (r) = 4
Write (w) = 2
Execute (x) = 1

The sum of these values for each user category represents the permissions:

7 (4+2+1) = rwx (Read, Write, Execute)
6 (4+2) = rw- (Read, Write)
5 (4+1) = r-x (Read, Execute)
4 = r-- (Read only)
3 (2+1) = -wx (Write, Execute)
2 = -w- (Write only)
1 = --x (Execute only)
0 = --- (No permissions)

##5. Changing File Permissions

Using chmod with Symbolic Notation

The chmod command is used to change file permissions. The basic syntax is:

chmod [who][operation][permissions] filename

Who: u (user/owner), g (group), o (others), a (all)
Operation: + (add), - (remove), = (set exactly)
Permissions: r, w, x

Examples:

chmod u+x file.txt: Add execute permission for the owner
chmod go-rw file.txt: Remove read and write permissions for group and others
chmod a=rx file.txt: Set read and execute permissions for all users

Using chmod with Numeric Notation

You can also use numeric notation with chmod:

chmod [numeric_permissions] filename

Example:

chmod 755 file.txt: Set rwx for owner, rx for group and others

6. Changing File Ownership

chown command

Use chown to change the owner of a file:

chown new_owner filename

chgrp command

Use chgrp to change the group of a file:

chgrp new_group filename

7. Special Permissions

SetUID (Set User ID)

Represented by 's' in the owner's execute position
Allows a file to be executed with the permissions of the file owner
Numeric value: 4000

SetGID (Set Group ID)

Represented by 's' in the group's execute position
For files: Executes with the permissions of the file group
For directories: New files inherit the directory's group
Numeric value: 2000

Sticky Bit

Represented by 't' in the others' execute position
Used on directories to prevent users from deleting files they don't own
Numeric value: 1000

Example: chmod 4755 file: Sets SetUID and rwxr-xr-x permissions

8. Default Permissions

The umask command sets the default permissions for newly created files and directories. It specifies which permissions should be removed from the default (666 for files, 777 for directories).