Getting Started with Linux Linux System Administration Permissions.

Slides:



Advertisements
Similar presentations
The UNIX File System Harry Chen Department of CSEE University of MD Baltimore County.
Advertisements

MORE FILE ATTRIBUTES. ls –l to display file attributes (properties) Listing of a specific directory Ownership and group ownership Different file permissions.
Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.
Engineering Secure Software. Linux File Permissions  Each file and directory has bits for.. Read, Write, Execute: rwx Files: works as it sounds  Directories:
Unix permissions, ownership and setuid File security and ownership The chmod(1) command Process Ownership Setuid, Setgid and the Sticky bit Writing setuid.
UNIX file systems Learning Objectives: 1. To understand the basics of file systems 2. To understand the hierarchical structure in Unix file system 3. To.
The UNIX File System CS465. File Systems What is a file system? A means of organizing information on the computer. A file system is a logical view, not.
File Security. Viewing Permissions ls –l Permission Values.
Chapter 10 File System Security. Security Policies security policies are doors maintain a balance between total access and total security UNIX has two.
File security and Permissions A file is owned by the user who created it That user can then specify who can read, write and execute that file A file when.
CIS 240 Introduction to UNIX Instructor: Sue Sampson.
CS 497C – Introduction to UNIX Lecture 15: - File Attributes Chin-Chih Chang
Linux Linux File System.
UNIX Files and Security Software Tools. Slide 2 File Systems l What is a file system? A means of organizing information on the computer. A file system.
Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.
File System Security 1. General Principles Files and folders are managed by the operating system Applications, including shells, access files through.
Files & Directories Objectives –to be able to describe and use the Unix file system model and concepts Contents –directory structure –file system concepts.
1 Lecture 2 Working with Files and Directories COP 3344 Introduction to UNIX.
Unix System Administration Rootly Powers Chapter 3.
File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)
Linux+ Guide to Linux Certification, Second Edition
1Week 4 - Jan 31, 2005 Week 4 Agenda UNIX Directory Structure Absolute pathname Relative pathname Permissions chmod (symbolic/absolute)
Managing Files CSCI N321 – System and Network Administration Copyright © 2000, 2011 by the Trustees of Indiana University except as noted.
The UNIX File System. The UNIX File A file is a container for storing information and data. Filename limited to 255 characters. Can’t contain / or NULL.
Module 4 - File Security. Security Overview File Ownership Access to Files and Dircetories Changing File and Directory Ownership Changing File and Directory.
File Permission and Access. Module 6 File Permission and Access ♦ Introduction Linux is a multi-user system where users can assign different access permission.
Lesson 9-Setting and Using Permissions. Overview Describing file permissions. Using execute permissions with a file. Changing file permissions using mnemonics.
1Week 4 - Sep 26, 2005 Week 4 Agenda UNIX Directory Structure Absolute pathname Relative pathname Permissions chmod (symbolic/absolute)
Chapter 3 Some additional notes… File permissions A file has three types of permissions (read, write and execute). Available to three categories of users.
File Security and Permissions. File Permissions (1) u With respect to a particular file, Unix divides the set of all users on a system into three categories:
Chapter 4: File Security & Permissions Also: Hard and Soft Links, see p77-80 &
E X C E E D I N G E X P E C T A T I O N S Basic LINUX Linux System Administration Dr. Hoganson Kennesaw State University Operating Systems Directory structure:
Linux+ Guide to Linux Certification, Third Edition
Linux+ Guide to Linux Certification, Third Edition
Workbook 4 User & Group Permissions RH030 Linux Computing Essentials.
PacNOG 6: Nadi, Fiji UNIX ™/ /Linux Permissions Hervey Allen Network Startup Resource Center.
Privileges: who can control what Introduction to Unix June 16, 2009 Papeete, French Polynesia Hervey Allen.
Privileges: who can control what Introduction to Unix May 24, 2008 Rabat, Morocco Hervey Allen.
Managing Files CSCI N321 – System and Network Administration Copyright © 2000, 2007 by the Trustees of Indiana University except as noted.
The Unix File system (UFS) Presented by: Gurpreet Singh Assistant Professor Department of School of Computing and Engineering Galgotias University.
Revision: Absolute and relative paths. (root) staffusrbinstudetc ResearchTeachingPrivate pgugitmasters xxxgtrxxx CUA Coursework1.txt CUA xxx02uxxx04u.
1 Lecture 2 Working with Files and Directories COP 3353 Introduction to UNIX.
CSCI 330 The UNIX System Unit V Permissions. all access to directories and files is controlled UNIX uses discretionary access control (DAC) model each.
UNIX File System By Vishal Desai. Introduction Basic purpose of file system: Represent and organize the system resources. But UNIX File System also maps.
CIT 383: Administrative ScriptingSlide #1 CIT 383: Administrative Scripting Directories.
SUSE Linux Enterprise Desktop Administration Chapter 9 Manage Users, Groups, and Permissions.
File System Security ls -l. First Columm d = directory l = symbolic link b = block special file c = character special file p = fifo (or named pipe) special.
UNIX file systems Learning Objectives: 1. To understand the basics of file systems 2. To understand the hierarchical structure in Unix file system 3. To.
The Unix File System R Bigelow. The UNIX File System The file system refers to the way in which UNIX implements files and directories. The UNIX file system.
Jozef Goetz, expanded by Jozef Goetz, 2008 Credits: Parts of the slides are based on slides created by UNIX textbook authors, Syed M. Sarwar, Robert.
BIF703 File Permissions. As you recall from our previous notes, that Unix/Linux recognizes everything as a file: Regular files to store data, programs,
File System Security in Unix Annie Calpe. Overview Unix Basics File System Security: - Account Security: Passwords - File Permissions - Access Control.
Company LOGO Security in Linux PhiHDN - VuongNQ. Contents Introduction 1 Fundamental Concepts 2 Security System Calls in Linux 3 Implementation of Security.
Privileges: who can control what
Permissions: who can control what Unix/IP Preparation Course July 19, 2009 Eugene, Oregon, USA
Introduction to Unix – CS 21
File permissions Operating systems I800
Chapter 3 Maintaining Security
Lecture 2 Working with Files and Directories
Chapter 8 File Security.
BIF703 File Permissions.
Privileges: who can control what
Chapter 7 File and file System structure
Security and File Permission
OPS235 Lab4: Investigations 5 – 9
Engineering Secure Software
The Linux Command Line Chapter 9
Department of School of Computing and Engineering
Engineering Secure Software
Figure 6-13: Managing Permissions
Presentation transcript:

Getting Started with Linux Linux System Administration Permissions

Goal Understand the following:  The Linux / Unix security model  How a program is allowed to run  Where user and group information is stored  Details of file permissions

Users and Groups Linux understands Users and Groups A user can belong to several groups A file can belong to only one user and one group at a time A particular user, the superuser “root” has extra privileges (uid = “0” in /etc/passwd) Only root can change the ownership of a file

Users and Groups cont. User information in /etc/passwd Password info is in /etc/shadow Group information is in /etc/group /etc/passwd and /etc/group divide data fields using “:” /etc/passwd: joeuser:x:1000:1000:Joe User,,,:/home/joeuser:/bin/bash /etc/group: joeuser:x:1000:

A program runs... A program may be run by a user, when the system starts or by another process. Before the program can execute the kernel inspects several things: Is the file containing the program accessible to the user or group of the process that wants to run it? Does the file containing the program permit execution by that user or group (or anybody)? In most cases, while executing, a program inherits the privileges of the user/process who started it.

A program in detail When we type: ls -l /usr/bin/top We'll see: -rwxr-xr-x 1 root root :18 /usr/bin/top What does all this mean?

-r-xr-xr-x 1 root root :18 /usr/bin/top | | | | | | | | | | | | | File Name | | | | | | | | | | | +--- Modification Time/Date | | | | | | | | | Size (in bytes | | | | | | | Group | | | | | Owner | | | “link count” | File Permissions Group The name of the group that has permissions in addition to the file's owner. Owner The name of the user who owns the file. File Permissions The first character is the type of file. A "-" indicates a regular (ordinary) file. A "d” indicate a directory. Second set of 3 characters represent the read, write, and execution rights of the file's owner. Next 3 represent the rights of the file's group, and the final 3 represent the rights granted to everybody else. (Example modified from

Access rights Files are owned by a user and a group (ownership) Files have permissions for the user, the group, and other “other” permission is often referred to as “world” The permissions are Read, Write and Execute (R, W, X) The user who owns a file is always allowed to change its permissions

Some special cases When looking at the output from “ ls -l ” in the first column you might see: d = directory - = regular file l = symbolic link s = Unix domain socket p = named pipe c = character device file b = block device file

Some special cases cont In the Owner, Group and other columns you might see: s = setuid [when in Owner column] s = setgid [when in Group column] t = sticky bit [when at end] Some References

There are two ways to set permissions when using the chmod command: Symbolic mode: testfile has permissions of -r--r--r-- U G O * $ chmod g+x testfile==>-r--r-xr-- $ chmod u+wx testfile==>-rwxr-xr-- $ chmod ug-x testfile==>-rw--r--r-- U=user, G=group, O=other (world) File permissions

Absolute mode: We use octal (base eight) values represented like this: Letter Permission Value R read 4 W write 2 X execute 1 - none 0 For each column, User, Group or Other you can set values from 0 to 7. Here is what each means: 0= --- 1= --x 2= -w- 3= -wx 4= r-- 5= r-x 6= rw- 7= rwx File permissions cont.

Numeric mode cont: Example index.html file with typical permission values: $ chmod 755 index.html $ ls -l index.html -rwxr-xr-x 1 root wheel 0 May 24 06:20 index.html $ chmod 644 index.html $ ls -l index.html -rw-r--r-- 1 root wheel 0 May 24 06:20 index.html File permissions cont.

Two critical points: 1.The permissions of a directory affect whether someone can see its contents or add or remove files in it. 2.The permissions on a file determine what a user can do to the data in the file. Example: If you don't have write permission for a directory, then you can't delete a file in the directory. If you have write access to the file you can update the data in the file. Inherited permissions

To reinforce these concepts let's do some exercises. In addition, a very nice reference on using the chmod command is: An Introduction to Unix Permissions -- Part Two By Dru Lavigne (note, this is for FreeBSD) Conclusion

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.