Saturday, May 10, 2014

File and Directory Permissions

Permissions is a type of good security features in Linux operating system. Permissions is used to assign on files as well as on directories.




There are three types of files permissions:

  • Read (r) - To view a file's contents.
  • Write (w) - To change or delete the file.
  • Execute (x) - To run the file as a program.
There are also three types of directory permissions same as file permissions but they have different meaning.

Three types of directory permissions:


  • To list the content of the directory.
  • To add and remove files in the directory.
  • To list information about the files in the directory.
How permissions are assigned ?

  • Permissions are assigned to all 3 entities, like for user (u), group (g), and others (o).

Understanding Permissions:

 Description:
  1. Specifies the type of file: "-" means a regular file, " l " means a link, "d" means a directory.
  2. Permissions of the user : r = read, w = write, x = execute.
  3. Permissions of the group :  r = read, w = write, x = execute.
  4. Permissions of the other :  r = read, w = write, x = execute.
  5. Number of links pointing to the file.
  6. Owner of the file.
  7. Group owner of the file.
  8. The file size.
  9. The file's last modification (or creation) date and time.
  10. Name of the file.

Numeric values for the read, write and execute permissions:
  • read - 4
  • write - 2
  • execute - 1
Value                                   Meaning
777
(rwxrwxrwx) No restrictions on permissions. Anybody may do anything. Generally not a desirable setting.
755
(rwxr-xr-x) The file's owner may read, write, and execute the file. All others may read and execute the file. This setting is common for programs that are used by all users.
700
(rwx------) The file's owner may read, write, and execute the file. Nobody else has any rights. This setting is useful for programs that only the owner may use and must be kept private from others.
666
(rw-rw-rw-) All users may read and write the file.
644
(rw-r--r--) The owner may read and write a file, while all others may only read the file. A common setting for data files that everybody may read, but only the owner may change.
600
(rw-------) The owner may read and write a file. All others have no rights. A common setting for data files that the owner wants to keep private.

Example for Numeric values permissions: 

In this example, i want to change the permissions of file linux, i.e. from 644 (rw-r--r--) to 755 (rwxr-xr-x).


To change the permissions, the chmod command is used for a file or directory. To use it, you specify the desired permission settings and the file or files that you wish to modify.


Thus, in below example, you can see.. Permissions has been changed for file linux. User have all the three permissions, group user and other users have only read and execute permissions.




Symbolic modes for the read, write and execute permissions:
  • read - r
  • write  - w
  • execute - x
Entities modes:

  • user - u
  • group - g
  • others - o

Symbol's                                 Meaning
a=rwx
The a means all and rwx means set read,write, and execute. The = means that permissions are to be set to exactly what we specify.(i.e. we overwrite the current permissions).
ugo=rwx
ugo means user,group,others and rwx means set read,write, and execute. The = means that permissions are to be set to exactly what we specify.
a+r
To add read permission for all.
a-r
To remove permissions for all.
ug=rw
To assign read, write permissions only for user and group.
go-x
To remove execute permissions from group and other (i.e from all users except the file's owner).

Example for Symbolic modes of Permissions: 
In this example, i want to change the permissions of file linux, i.e. from 755 (rwxr-xr-x) to 777(rwxrwxrwx).


To change the permissions, the chmod command is used for a file or directory. To use it, you specify the desired permission settings and the file or files that you wish to modify.


Thus, in below example, you can see.. Permissions has been changed for file linux. All entities have all permissions.






2 comments:

  1. Hi!!!
    Thanks for posting!!!!
    if you add chown,chgrp,stickybit,acl,& umask calculation will be more usefull:):)

    ReplyDelete
  2. Thank You Anbu for your valuable feedback.. We will try to upload the given topics as soon as possible..

    Regards,
    Linux Care

    ReplyDelete