File Management-File Permissions

Source: Internet
Author: User

1. Access permissions

A file has nine permission bits. From left to right they are: the owner's read, write, and execute bits; the read, write, and execute bits for users in the owner's group; and the read, write, and execute bits for other users.

Linux provides test macros to determine whether a given permission bit is set. The method is a bitwise AND of the st_mode field with the corresponding macro.

 

Macro      Octal value   Meaning

S_IRUSR    0400          User read
S_IWUSR    0200          User write
S_IXUSR    0100          User execute
S_IRGRP    0040          Group read
S_IWGRP    0020          Group write
S_IXGRP    0010          Group execute
S_IROTH    0004          Other users read
S_IWOTH    0002          Other users write
S_IXOTH    0001          Other users execute

 

To determine whether users in the group have permission to read the file, use the following method:

......

/* The parentheses are required: != binds more tightly than & */
if ((buf.st_mode & S_IRGRP) != 0)
    printf("user of the group can read.\n");
else
    printf("user of the group can't read.\n");

 

2. Set-user-ID and set-group-ID

Besides the nine permission bits, a file's mode has two special bits: the set-user-ID bit and the set-group-ID bit.

When the set-user-ID bit and the set-group-ID bit of a file are set, the effective user ID and effective group ID of the process become the user ID and group ID of the file's owner; that is, the process has the same permissions as the file's owner. The user ID and group ID of a process change when the exec function is called. Therefore, the set-user-ID and set-group-ID bits only take effect for executable files.

Linux provides macros to test whether the set-user-ID bit and the set-group-ID bit are set. The method is a bitwise AND of the st_mode field with the corresponding macro.

 

Macro      Octal value   Meaning

S_ISUID    04000         Set-user-ID
S_ISGID    02000         Set-group-ID

 

 

3. Set-user-ID

A process that executes an executable file with the set-user-ID bit set has the same permissions as the owner of the file. For example, suppose the executable file is owned by root and performs some operations that only root can perform. If root, as the file's owner, sets the set-user-ID bit of the file, a process executing the file also has root permission and can carry out those operations correctly.
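The macros from sections 1 and 2 can be combined into a small audit helper. The following is an added example, not code from the original page; the function names mode_to_string and setid_writable_by_non_owner are made up for illustration, and the files to check are given as command-line arguments.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Render the permission bits as `ls -l` does. A set-ID bit is shown as 's'
 * when the matching execute bit is also set and as 'S' when it is not. */
void mode_to_string(mode_t mode, char out[10])
{
    static const mode_t bits[9] = { S_IRUSR, S_IWUSR, S_IXUSR, S_IRGRP, S_IWGRP,
                                    S_IXGRP, S_IROTH, S_IWOTH, S_IXOTH };
    static const char letters[] = "rwxrwxrwx";

    memcpy(out, "---------", 10);            /* nine dashes plus the NUL */
    for (int i = 0; i < 9; i++)
        if ((mode & bits[i]) != 0)           /* parenthesize: != binds tighter than & */
            out[i] = letters[i];
    if ((mode & S_ISUID) != 0)
        out[2] = ((mode & S_IXUSR) != 0) ? 's' : 'S';
    if ((mode & S_ISGID) != 0)
        out[5] = ((mode & S_IXGRP) != 0) ? 's' : 'S';
}

/* Audit check: flag a set-ID file that group or other users may write.
 * Only the owner should be able to change a program that runs with the owner's IDs. */
int setid_writable_by_non_owner(mode_t mode)
{
    int set_id = (mode & (S_ISUID | S_ISGID)) != 0;
    int loose_write = (mode & (S_IWGRP | S_IWOTH)) != 0;
    return set_id && loose_write;
}

int main(int argc, char *argv[])
{
    struct stat st;
    char perms[10];

    for (int i = 1; i < argc; i++) {
        if (stat(argv[i], &st) == -1) {
            perror(argv[i]);
            continue;
        }
        mode_to_string(st.st_mode, perms);
        printf("%s %s%s\n", perms, argv[i],
               setid_writable_by_non_owner(st.st_mode) ? "  <- set-ID and group/other writable" : "");
    }
    return 0;
}
```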

 

 

4. Example

Shared write operation. The program first checks whether its own executable file has the set-user-ID bit set. If so, it continues; otherwise, it exits.

 

#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>

#define MAX 1024

int main(int argc, char *argv[])
{
    int sfd, dfd;
    struct stat statbuf;
    char buf[MAX];
    ssize_t n;

    if (stat(argv[0], &statbuf) == -1) { /* get the status information of this program's executable file */
        perror("fail to stat");
        exit(1);
    }

    if ((statbuf.st_mode & S_ISUID) != 0) /* test whether the set-user-ID bit is set; the parentheses are required */
        printf("Set User ID\n");
    else {
        printf("can't write to root.txt\n");
        exit(1);
    }

    if ((sfd = open("test.txt", O_RDONLY)) == -1) { /* open the source file; its content is written to root.txt */
        perror("fail to open");
        exit(1);
    }

    if ((dfd = open("root.txt", O_WRONLY)) == -1) { /* open the root.txt file */
        perror("fail to open");
        exit(1);
    }

    while ((n = read(sfd, buf, MAX)) > 0) { /* write the content of the sfd file to the dfd file */
        if (write(dfd, buf, n) == -1) {
            perror("fail to write");
            exit(1);
        }
    }

    if (n < 0) { /* if the loop ended because read returned -1, read reported an error */
        perror("fail to read");
        exit(1);
    }

    printf("done\n"); /* output prompt information */

    close(sfd);
    close(dfd);

    return 0;
}

 

 

 
