File Rights Management under Mac OS

File Rights Management under Mac OS

• Command Ls-l-A

Results

-rw-r--r--  1 user  admin  2326156  4 12 15:24 adb

The horizontal line represents an empty license. R stands for read-only, W stands for write, and x stands for executable. Note there are 10 locations. The first character specifies the file type. In the usual sense, a directory is also a file. If the first character is a horizontal line, it represents a non-directory file. If it is D, the representation is a directory.

After determining the access rights of a file, users can use the chmod command provided by the Linux system to reset different access rights. You can also use the Chown command to change the owner of a file or directory. Use the CHGRP command to change the user group for a file or directory.

These commands are described separately below.

chmod command
Function: The chmod command is very important to change the access permissions of files or directories. Users use it to control the access permissions of files or directories.
Syntax: This command has two uses. One is a literal setting method that contains letters and operator expressions; the other is a numeric setting method that contains numbers.
1. Text setting method
Chmod [who] [+ |-| =] [mode] File name?
Parameters:
The operation object who is any of the following letters or a combination of them:
U stands for "user", which is the owner of the file or directory.
G means "group user", that is, all users with the same group ID as the file owner.
O stands for "others".
A stands for "all users". It is the system default.
Operation symbols can be:
+ Add a permission.
-Cancel a permission.
= Give the given permission and cancel all other permissions, if any.

The permissions indicated by setting mode can be any combination of the following letters:
R is readable.
W is writable.
X is executable.
X Appends the x attribute only if the target file is executable for some users or if the target file is a directory.
S Set the process owner or group ID as the file owner of the file when the file is executed. The mode "u + s" sets the user ID bit of the file, and "g + s" sets the group ID bit.
T Save the text of the program to the swap device.
U has the same permissions as the owner of the file.
G has the same permissions as a user in the same group as the file owner.
O has the same permissions as other users.
File name: A list of files whose permissions are to be separated, separated by spaces. Wildcard characters are supported.
多个 You can give multiple permissions on a command line, separated by commas. For example: chmod g + r, o + r example
Make the same group and other users have read permissions to the file example.
2. Number setting method
We must first understand the meaning of the attributes represented by numbers: 0 means no permission, 1 means executable permission, 2 means writable permission, 4 means readable permission, and then add them up. So the format of the numeric attribute should be 3 octal numbers from 0 to 7, the order is (u) (g) (o).
For example, if you want the owner of a file to have "read / write" two permissions, you need to set 4 (readable) + 2 (writeable) = 6 (read / write).
The general form of the number setting method is:
Chmod [mode] file name?


example:
(1) Text setting method:
Example 1: $ chmod a + x sort
Set the properties of the file sort as:
File Owner (u) Increase execute permission
用户 Users who belong to the same group as the file owner (g) Add execute permission
Other users (o) increase execution permissions
Example 2: $ chmod ug + w, o-x text
Set the attributes of the text file to:
File owner (u) increase write permission
用户 Users in the same group as the file owner (g) Add write permission
Other users (o) Delete execute permission
Example 3: $ chmod u + s a.out
Assuming the permissions of a.out after executing chmod (can be viewed with the ls-l a.out command):
--Rws--x--x 1 inin users 7192 Nov 4 14:22 a.out
And this execution file uses a text file shiyan1.c, whose file access permission is "--rw -------", that is, only the owner of the file has read and write permissions.
When other users execute the program a.out, his identity temporarily becomes inin because of the program (because the s option is used in the chmod command), so he can read the file shiyan1.c (although this file is set For others don't have any permissions), this is the function of s.
Therefore, in the entire system, especially root itself, it is best not to set too many files of this type (unless necessary). This can ensure the security of the system and prevent the system from being invaded by bugs in certain programs.
Example 4: $ chmod a–x mm.txt
$ Chmod --x mm.txt
$ Chmod ugo--x mm.txt
The above three commands are to delete the execution permission of the file mm.txt, and it is set to all users.
(2) Number setting method:
Example 1: $ chmod 644 mm.txt
$ Ls -l
Set the properties of the file mm.txt as:
-Rw-r--r-- 1 inin users 1155 Nov 5 11:22 mm.txt
File owner (u) inin has read and write permissions
用户 The user who belongs to the same group as the file owner (g) has read permission
Others (o) have read permission
Example 2: $ chmod 750 wch.txt
        Set permissions on a folder to be readable and writable by any user.

File Rights Management under MAC OS