Saturday, December 24, 2016

File Permissions and Access Rights 1

File Permissions and Access Rights 1

File and Directory Access Reviews

In UNIX, all kinds of system resources have the rights to read, write and execute on defined users and groups. The file attributes configuration determines who can read, write, and execute a resource.
 
By default, a user has all rights to all resources under his or her home directory.


A special UNIX user, 'root', has all rights over all system resources.






Above "ls -l" is shown where the owner of the file, the group, and the access authorities are located.

The first character on the left is the file type ("-" ordinary file, "l" link, "d" directory, etc.)


The next 3 characters are the access authority of the owner of the file

The following 3 characters are the access authority of the group of the file
The last 3 characters are the access authorities of the others

 
The * mark on the right side of the file names indicates that the file is executable by the current user. This is a feature of the ls program running under Linux.


As can be understood from the examples, there are three kinds of authority, and these authorities read, write and operate with the order.

If there is a letter in the authorization definition, the corresponding authorization is given. If there is a "-" sign, the authorization is not given.


When three of these definitions of authority come side by side, the authority of the owner, group and others of the file can be determined.


For example:"---------" means that no one has any authority"r --------" means that the owner only has the authority to read, the same group and others have no authority over the file"rw-rw-r--" means that the owner and the group have the authority to read and write, and others are only authorized to read"rwx-r-xr-x" indicates that the owner has read, write and execute authority, the group has authority to read and execute the group, and others have read and execute authority.


The writing authority defines the ability to make changes and delete at the same time. The person who is authorized to write to a file can be deleted.


Access to files and directories is regulated by the "chmod" command.

"chmod u+x hidden_file" - gives the right to run the "hidden_file" file. 


"chmod ug = rw important_file" - only the read and write authority is given to the owner and group of the "important_file" file, and the authority of the other does not change.

Multiple authorizations can be made at the same time, separated by commas.


"chmod ug+rw, ug-x, o-rwx bigfile" - the owner and group of the "bigfile" file are given read and write permissions, the owner of the file and its group are authorized to run, and no authority is given to the others.


The special powers of stick, setuid and setgid will be discussed later.


The access authority of the file can be given in octal numbers for chmod command.

You need to use 4 for "r", 2 for "w", 1 for "x" and finally 0 for "-". The figures corresponding to the authorities are written and collected in groups of 3. The 3-digit number is the number of authority.


For example:

"-rw-r-x---"        means (4+2+0) + (4+0+1) + (0+0+0) = 650
"-rwx-wx--x"     means (4+2+1) + (0+2+1) + (0+0+1) = 731
"-rwxrwxrwx"  means (4+2+1) + (4+2+1) + (4+2+1) = 777

We can change the access rights of any file by both following ways (they both mean the same):

chmod +rwx any_file.ext
chmod 777 any_file.ext

The permissions will be "-rwxrwxrwx".

To read my previous article: File and Directory Commands

No comments :

Post a Comment

Comments system

Disqus Shortname