JIYIK CN >

The file permission system is one of the fundamental security elements of the Linux operating system.

These features allow us to adjust file permissions and access modes. We provide permissions based on appropriate rights to avoid vulnerabilities that can occur when users are not given appropriate access rights to files and folders.

File ownership in Unix/Linux systems

In Unix/Linux systems, there are three types of ownership of files and directories. The assigned owner of a file has the right to change it according to the permissions it receives.

• Owner Permissions: The permissions of a file owner specify the functions that the file owner can perform. Since the user who creates a file becomes its owner, the user is also called the owner.
• Permissions by group: A group's permissions determine what activities a user can perform on a file if they are a member of that group.
• Additional permissions: Other users' permissions define what actions they can perform on the file.

Each file initially has three access options. They are as follows:

• Read (r): It allows you to retrieve the contents of files, but not write to them. It will enable you to receive a listing of files and directories found in a directory.
• Write (w): It enables you to add new data to files or change existing data, as well as create and modify files and directories.
• Execute (x): If a program does not have the execute flag, it cannot be run. Set this property for all programs and scripts. The system uses it to determine whether a file should be started as a program.

Check File Permissions in Linux

Of course, you can use the file manager on Linux to search for file permissions. They all support this feature, but you will receive partial information this way.

Use the command with -lthe -h flag lsto get full details of all flags. All files in the directory will be displayed, along with their attributes and bits.

Run the following command in the folder where the file is stored to find the Linux file permissions:

$ ls -l

I created a folder and two files in it , test.testfile

Output:

total 0
-rw-rw-r-- 1 user user 0 Jan 14 01:00 test
-rw-rw-r-- 1 user user 0 Jan 14 01:00 testfile

The first column indicates the various access modes or permissions associated with the file or directory. Then the rights groups, first the owner, then the group, then everyone else.

Let's take a closer look at what the conditional values ​​for the permission flags mean:

• ---- No rights at all;
• --x- Allow the file to be executed only as a program, but not changed or read;
• -w-- Only writing and modifying files is allowed;
• -wx- Allows modification and execution, but in case of directories, you cannot view its contents;
• r--- Read-only permission;
• rx- Only read and execute, no write permission;
• rw-- Read and write permissions, but not execute;
• rwx- All rights;
• --s- When the SUIDor SGIDbit is set, the owner's SUIDis displayed in the field and the group's SGIDis displayed in the field;
• --t- The sticky-bit is set, which means that users cannot delete this file.

Changing file permissions in Unix/Linux systems

chmodis a change mode command that is used to change the permissions of a file or directory. chmodThe two modes of use are symbolic mode and absolute mode.

Use in symbolic modechmod

Symbolic mode is the most direct way for learners to adjust file or directory permissions.

Using the operators in the following table, you can add, remove, or specify the permission sets that you want with symbolic permissions.

Let's look at an example. When you run in a test ls -l, you'll see the permissions look like this:

$ ls -l test

Output:

-rw-rw-r-- 1 user user 0 Jan 14 01:00 test

Then run each of the examples in the table above in a test chmodcommand, and then run ls -lto see the permissions change.

$ chmod o+wx test
$ ls -l test

Here, orepresents other users, wrepresents write, and xrepresents execute. +It is used to add the specified permissions to testthe file.

Output:

-rw-rw-rwx 1 user user 0 Jan 14 01:00 test

We can see the difference in the two outputs above. The -rw-rw-r--above -rw-rw-rwxcommand adds rwpermissions for other users.

Changing Group and Owner in Linux

When they create an account on Unix, each user is given an owner ID and a group ID. All the above permissions are also assigned based on the owner and group.

There are two main commands for changing the group and owner.

• chown: chownCommand, stands for change owner, used to change the owner of a file.
• chgrp: chgrpCommand, stands for change group, used to change the group of a file.

The permission groups used are:

• u– Owner
• g- Group
• o- other
• a- All users

Change Ownership Command in Linux

chowncommand is used to change the ownership of a file.

Following is the basic syntax:

$ chown [name] [filename]

The value for user can be the name of a system user or the user ID (UID) of a system user.

Likewise, to change the group owner of a file:

$ chgrp [group_name] [filename]

Use in absolute mode in Linuxchmod

File permissions can also be changed using numeric codes. The equivalent numeric codes for access methods are as follows:

For example, chmod 711 filenamegrant all permissions to the owner, and only execute permissions to all other users.

Let's look at the file testfilepermissions.

$ ls -l testfile

Output:

-rw-rw-r-- 1 user user 0 Jan 14 01:00 testfile

Now, use chmodthe numeric code with .

$ chmod 711 testfile
$ ls -l testfile

Output:

-rwx--x--x 1 user user 0 Jan 14 01:00 testfile

As shown in the output, the file permissions have been changed.