Linux is a clone of UNIX, the multi-user operating system which can be accessed by many users simultaneously. Linux can also be used in mainframes and servers without any modifications. But this raises security concerns as an unsolicited or malign user can corrupt, change or remove crucial data. For effective security, Linux divides authorization into 2 levels.
- Ownership
- Permission
Every File/Directory in Linux & Unix system has three types of ownership,given below:
User:
A user is the owner of the file. By default, the person who created a file becomes its owner. Hence, a user is also sometimes called an owner.
Group:
A user- group can contain multiple users. All users belonging to a group will have the same access permissions to the file. Suppose you have a project where a number of people require access to a file. Instead of manually assigning permissions to each user, you could add all users to a group, and assign group permission to file such that only this group members and no one else can read or modify the files.
Others:
Any other user who has access to a file. This person has neither created the file, nor he belongs to a usergroup who could own the file. Practically, it means everybody else. Hence, when you set the permission for others, it is also referred as set permissions for the world.
Now, the big question arises how does Linux distinguish between these three user types so that a user ‘A’ cannot affect a file which contains some other user ‘B’s’ vital information/data. It is like you do not want your colleague, who works on your Linux computer, to view your images. This is where Permissions set in, and they define user behavior.
Let’s understand the Permission system on Linux.
Permissions:
Every file and directory in your UNIX/Linux system has following 3 permissions defined for all the 3 owners discussed above.
►Read: This permission give you the authority to open and read a file. Read permission on a directory gives you the ability to lists its content.
►Write: The write permission gives you the authority to modify the contents of a file. The write permission on a directory gives you the authority to add, remove and rename files stored in the directory. Consider a scenario where you have to write permission on file but do not have write permission on the directory where the file is stored. You will be able to modify the file contents. But you will not be able to rename, move or remove the file from the directory.
►Execute: In Windows, an executable program usually has an extension “.exe” and which you can easily run. In Unix/Linux, you cannot run a program unless the execute permission is set. If the execute permission is not set, you might still be able to see/modify the program code(provided read & write permissions are set), but not run it.
Basically in Linux there are three types of permission:
- Normal Permission
- Special Permission
- ACL Permission
Here we will Learn about Normal Permission and the next topic we will learn about Advanced Permission
If you want to check a permission then write down a command:
root@localhost:~# ls /abc drwxr-xr-x 2 root root 4096 Sep 17 00:07 /abc root@localhost:~# ls /abc/a.txt -rwxrw-r-- 2 root root 4096 Sep 17 00:07 /abc/a.txt
Here “d” is indicated to directory and “-” is indicated to file.
The characters are pretty easy to remember.
r = read permission = 4
w = write permission = 2
x = execute permission = 1
– = no permission
On the directory full permission is 7 and on file full permission is 6 because we can execute a directory but not a file so that is happen.
Ex: If a directory have 770 permission it means the permission is “drwxrwx—“
Your all doubt will be clear in next picture:
The various owners are represented as:
| User Denotations | |
| u | user/owner |
| g | group |
| o | other |
| a | all |
Changing Ownership and Group:
For changing the ownership of a file/directory, you can use the following command:
chown user file name
In case you want to change the user as well as group for a file or directory use the command
chown user:group filename root@localhost:~# ls /abc drwxr-xr-x 2 root root 4096 Sep 17 00:07 /abc
So here first “root” denote to user and the second “root” denote to group
Changing permission of a file:
►Numeric Way: In numeric way you need to give permission in digits like:
root@localhost:~# ls /abc rwxr-xr-x 2 root root 4096 Sep 17 00:07 /abc root@localhost:~# chmod 770 /abc root@localhost:~# ls /abc rwxrwx--- 2 root root 4096 Sep 17 00:07 /abc
►Alphabetical Way:n numeric way you need to give permission in alphabates like:
root@localhost:~# ls /abc rwxr-xr-x 2 root root 4096 Sep 17 00:07 /abc ### chmod u(+,-)rwx, g(+,-)rwx, o(+,-)rwx ### root@localhost:~# chmod u+rwx g+rwx o-rwx /abc root@localhost:~# ls /abc rwxrwx--- 2 root root 4096 Sep 17 00:07 /abc
Let’s Join our Hacking Team
We Are Indian We Are Great
Hope this article helpful for you. Thank You
Indian Cyber Army | Make IT Secure
Enjoy…Stay Happy…Stay Secure…
Hope this article helpful for you. Thank You
If You Appreciate What We Do Here On Hackonology, You Should Consider:
Hackonology is the fastest growing and most trusted community site where you can find lots of courses, articles about Technology/Hacking/Cracking. Millions of people visit Hackonology! to search or browse the thousands of published articles available FREELY to all.
Let's be a part of Hacker's Community! Join our Hacking Team
We Are Indian We Are Great
