Rate this article :
3.4/5 | 5 opinion
This article was useful to you ?
Yes
No
Vous avez noté 0 étoile(s)
Sommaire
Procédure
The Linux permissions system is based on a user/group model which has become the main basis of Linux security. Users and groups are granted rights to files and directories.
This is one of the features that makes Linux almost immune to computer viruses, viruses need to be able to write to files to be able to infect them and be executed in a certain way to be able to infect other files, with the Linux permissions system viruses cannot copy themselves to all files, if the user executing the virus lacks permissions on the rest of the system, the virus will not be able to reproduce itself.
In Linux we have three different file permissions:
r: read: When the read permission is active on a directory it means that we will be able to list the files stored in that directory, if it is assigned to files we will be able to read its contents.
w: write: When write is enabled on a directory you can create and delete files in the directory, if it is enabled for files it means we will be able to modify its contents.
x: execute: If execute permission is enabled on a directory it means that the user can perform other functions in the directory and if it is enabled on files it means that the file will be able to be executed from the command line.
To display file and directory permissions, run the following command:
ls -l
This command will give us a result similar to:
-rw-r--r-- 1 root root 0 2008-10-23 10:02 interfaces -rw-r--r-- 1 root root 128 2008-10-23 09:52 interfaces2 drwxr-xr-x 2 dvazart dvazart 4096 2008-10-31 16:25 Templates drwxr-xr-x 2 dvazart dvazart 4096 2008-09-22 13:16 Musique -rw-r--r-- 1 root root 3860754 2008-07-21 11:14 nxclient_3.2.0-14_i386.deb drwx------ 2 dvazart dvazart 4096 2008-10-21 11:38 PDF drwxr-xr-x 2 dvazart dvazart 4096 2008-09-22 13:16 Public -rwx------ 1 root root 1634 2008-10-22 17:54 readline -rwx------ 1 root root 1266 2008-10-22 17:41 readline2 ---------- -- ---- ----- --------- | | V | | | | file name | | | V | | | | | time | | | V | | | | date | | | V | | | size | | | V | | | group | | | V | | owner | V | links RIGHTS
Rights are assigned in groups of three and correspond to :
Owner: Owner of files or directories.
Group: the group to which the file owner belongs.
Others: users from other groups.
- rw- r-- r-- d rwx --- --- d rwx r-x - rwx --- --- - rwx --- --- d rwx rwx - rwx --- --- d rwx r-x r-x --- --- | | | `---> Others | `-------> Group `-----------> Owner
Linux has 3 commands for changing the permissions, owner and group of a file or directory, respectively:
chmod: Changes the permissions of the file or directory.
$ chmod [permissions] [file / directory] [options]
chown: Used to change the owner of the file or directory.
chown [new owner] [file / directory] [options]
chgrp: Used to change the file or directory group.
chgrp [group] [file / directory] [options]
Symbol Description Identities u This is the owner of the file or directory. g This is the group of the file or directory. o Other users, the rest of the world. a Everyone - owner, group and others. Permissions r Read access. w Write access. x Execute access. Actions + Add permissions. - Remove permissions. = The only permission.
Examples
Command Description Results chmod u+rwx photo1.png Add all permissions for rwx------ the owner. chmod g+x photo1.png Add execute permission for rwx-x--- the group. chmod o+r photo1.png Add read permission for rwx-xr--- other users. chmod u-rw photo1.png Remove read and --x-xr--- write permissions for the owner. chmod a=r photo1.png We set read as the only r--r--r-- permission for all 3 groups. chmod u+rx,o+x photo1.png We add read --------- and execute permissions for the owner and execute for the others.
Each permission is assigned a value, even when the permission is not active. To be able to use the numbers we will have to take into account the following table with their respective values:
Value Permission Description 0 --- Zero means that no permissions have been assigned. 1 --x Only execute permission has been assigned. 2 -w- Only write permission. 3 -wx Write and execute permissions. 4 r-- Only read permission. 5 r-x Read and execute permissions. 6 rw- Read and write permissions. 7 rwx Read, write and execute permissions.
Numeric authorisations are assigned in groups of 3 (owner, group, other); it is not possible to assign authorisations for only one or two of them.
Examples
Command Results Description chmod 600 photo1.png rw------- Only the owner has the right to read and write. chmod 644 photo1.png rw-r--r-- Only the owner has the right to read and write but the group and others can only read. chmod 700 photo1.png rwx------ Only the owner has the right to read, write and execute the file. chmod 751 photo1.png rwxr-xr-x The owner has the right to read, write and execute, the group can read and execute and others can only execute. chmod 711 photo1.png rwx--x--x The owner has read, write and execute rights; the group and others can only execute. chmod 666 photo1.png rw-rw-rw- Everyone can read and write to files. chmod 777 photo1.png rwxrwxrwx Everyone can read, write and execute.
Rate this article :
3.4/5 | 5 opinion
This article was useful to you ?
Yes
No
2mn reading
How do I configure the firewall on a dedicated VPS server?
1mn reading
How can I connect as root on a dedicated VPS server with Putty?
0mn reading
Linux / Debian SSH commands
0mn reading
SSH - Apt-get command: Installing and uninstalling packages