Day 6 Task: File Permissions and Access Control Lists
File Permissions and Ownership
Linux has two main categories of authorization -
a) Ownership and b) Permissions
Ownership determines who owns a file or directory, while permissions dictate who can access it and what they can do with it.
Linux File Ownership - Every file or directory in a Linux system is associated with 3 different types of Owners - User, Group, and Other.
Let's understand each of them in more detail.
User (u): The user owner is the user who created the file or directory, and they have full permission to access and modify it.
Group (g): The group owner is a group that the user belongs to, and members of this group have specific permissions to access the file. Instead of manually assigning permissions to each user, you could add all users to a group, and assign group permission to file such that only this group members and no one else can read or modify the files.
Other (o): This category refers to all users on the system who are not the owner or in the owner's group. These users have limited or no permissions to access the file.
Great! Now that we have a clear understanding of the user, group, and other categories in Linux ownership, let's dive into the different types of permissions that are associated with each category. By understanding these permissions, you'll be able to manage access to files and directories more effectively and keep your system secure.
Linux File Permissions -
There are three types of permissions: read (r), write (w), and execute (x). These permissions can be set for the owner of the file, the group that the file belongs to, and all other users.
Read (r): The read permission allows a user to view the contents of a file or directory. With this permission, the user can see the names of files and directories, view the contents of files, and list the files in a directory.
Write (w): The write permission allows a user to modify or delete a file or directory. With this permission, the user can add, modify, or delete files in a directory, edit the contents of files, and create new files.
Execute (x): The execute permission allows a user to run a file as a program or script. With this permission, the user can execute a file that contains executable code, such as a binary program or a shell script.
By assigning read, write, and execute permissions to users and groups, you can control who has access to files and directories, and what actions they can perform on them. This is a critical aspect of managing system security effectively in Linux.
领英推荐
The file system permissions are usually represented as a string of characters, where the first character indicates the type of file (e.g., "-" for regular file, "d" for directory), and the next three characters represent the permissions for the owner (u), the next three for the group (g), and the last three for others (o).
Example to understand file permissions -
Let's say we have a file named "document.txt". The file permissions are set as follows:
In this example, the owner of the file can read, modify, and execute it as a program. The group members can only read the file, and everyone else on the system has no permission to the file at all.
You can view the file permissions using the ls -l command:
ABSOLUTE ( NUMERIC ) MODE -
To change the file permissions via this mode, you first need to know the octal value for the permissions you want to set. The octal value is a three-digit number that represents the combination of read, write, and execute permissions. Each digit represents the permissions for the user owner, group, and others, in that order. Here's how the digits map to the permissions: