File Permissions for Linux

1 Representation of file permissions

(1) Letter notation

All files in Linux (normal files, directory files, character special files, block special files, pipelines or FIFO, symbolic links, sockets) have 9 permissions, as shown in:

-rw-rw-r--is the permission of file a. First, the leftmost-represents the file type, if it is a directory, it is D; the next three-bit rw-represents the user (Andy) permission for a, then the next three-bit rw-represents the group (Andy) permission for a, and the last three bits represent the permissions of the other user to file a.

Each group of three permission bits in turn represents the file's read (R), write (w), and execute (x) permissions. If one is on-it means that the bit does not have a permission.

(2) Digital notation

Linux allows a number to represent the file's permissions, R for 4,w to 2,x for 1. Then 4 of the above permissions are (4+2) (4+2) (4) = 664.

2 Changing permissions

(1) Letter Law

U, G, o represent the file user rights, group permissions, and other user rights, respectively. We can use the chmod command to do the following:

chmod u+x A//give users permission to execute

chmod o-r A//Cancel other user Read permissions

So the permission of a is turned into a-rwxrw----, which is 740.

(2) Digital law

Simple brute: Use the number of target permissions you want to change directly:

chmod 740 A

3 Default Permissions

Create a new normal file or directory, what are their default permissions? Linux has a default value. We use the umask command to obtain:

　　

What does this 0002 mean? We can tell from the name that it is a mask. That is, to use a certain value to reduce the value, the default permissions are obtained, the file is 666, the directory is 777. Why is that so? Because Linux does not allow files to be executable by default. So no matter how we change the umask, we can't make a file executable by default. Then why is the umask a 4-bit? The first bit is the special permission bit, the bottom again, so here Umask other permissions bit is 002, the default permissions for the file is 664, the default permissions of the directory is 775.

Change umask, direct umask 777, you can turn Umask into 0777

4 Special Permissions

(1) The files in Linux have three special bits:

SUID: Sets the user ID (Set-user-id). For an executable file, instead of acquiring the resource as the initiator, it executes as the owner of the executable file.
SGID: Sets the group ID (Set-group-id). For an executable file, instead of acquiring the resource as the initiator, it executes as a group of executables.
STICKY: sticky bits, usually for the directory. Usually for the global writable directory (other can also write), so that the directory has sticky, delete only the files that belong to their own (but can still edit the files to modify others, in addition to root). You cannot get write access to someone else's files based on the security context.

(2) Setting
#chmod U+s
#chmod G+s
Ditto, remove special bit: #chmou u-s.

(3) indicates
SUID: Put the x position of U, the original position has execute permission, it is set to S, not for S.
SGID: Placed in the x position of G, the original position has execute permission, is set to S, not for S.
STICKY: Sticky bit, placed in the X position o, the original location has execute permission, is set to T, otherwise t.

Digital word notation suid:4,sgid:2,sticky:1, with special permissions before u/g/o. For example: for a directory:

#chmod 4551 File//permissions: R-sr-x--x
#chmod 2551 File//permissions: R-xr-s--x
#chmod 1551 File//permissions: R-xr-x--t

File Permissions for Linux