News and Informasi Linux File Acces Permision
File protection with chmod
- chmod 400 file To protect a file against accidental overwriting.
- chmod 500 dir To protect yourself from accidentally removing, renaming or moving files from this directory.
- chmod 600 file A private file only changeable by the user who entered this command.
- chmod 644 file A publicly readable file that can only be changed by the issuing user.
- chmod 660 file Users belonging to your group can change this files, others don’t have any access to it at all.
- chmod 700 file Protects a file against any access from other users, while the issuing user still has full access.
- chmod 755 dir For files that should be readable and executable by others, but only changeable by the issuing user.
- chmod 775 file Standard file sharing mode for a group.
- chmod 777 file Everybody can do everything to this file.
Special modes textual representation
• SUID: If set, then replaces “x” in the owner permissions to “s”, if owner has execute ermissions, or to “S” otherwise. Examples:
-rws—— both owner execute and SUID are set
-r-S—— SUID is set, but owner execute is not set
• SGID: If set, then replaces “x” in the group permissions to “s”, if group has execute permissions, or to “S” otherwise. Examples:
-rwxrws— both group execute and SGID are set
-rwxr-S— SGID is set, but group execute not set
• Sticky bit: If set, then replaces “x” in the others permissions to “t”, if others have execute permissions, or to “T” otherwise. Examples:
-rwxrwxrwt both others execute and sticky bit are set
-rwxrwxr-T sticky bit is set, but others execute is not set
(r,w,x) Access Permissions For Files And Directories
r ( read) :
- File : Users can open and read the file.
- Folder : Users can view the contents of the directory. Without this permission, users cannot list the contents of this directory with ls -l, for example. However, if they only have execute permission for the directory, they can nevertheless access certain files in this directory if they know of their existence.
w (write) :
- File : Users can change the file: They can add or drop data and can even delete the contents of the file. However, this does not include the permission to remove the file completely from the directory as long as they do not have write permissions for the directory where the file is located.
- Folder : Users can create, rename or delete files in the directory.
x (Execute) :
- File : Users can execute the file. This permission is only relevant for files like programs or shell scripts, not for text files. If the operating system can execute the file directly, users do not need read permission to execute the file. However, if the file must me interpreted like a shell script or a perl program, additional read permission is needed.
- Folder : Users can change into the directory and execute files there. If they do not have read access to that directory they cannot list the files but can access them nevertheless if they know of their existence.
Related posts:
