Hidden permissions on the file system


File attributes play an important role in file system security management.

Prerequisite knowledge: file system classification; how to display and modify file system permissions; the meaning of the owner, the owner group, and other users.

The earliest file system in Linux was Minix, but a file system designed specifically for Linux, the second extended file system (EXT2), was later added, and it has had a major impact on Linux. EXT2 is powerful, easy to extend, and well optimized for performance, and it is the standard file system type shipped and installed by all Linux systems.
Each actual file system is separated from the operating system and its services and communicates with them through an interface layer, the Virtual File System (VFS). VFS allows Linux to support many different file systems, each of which presents the same VFS interface. Because this layer hides the details of each Linux file system, the rest of the kernel and the programs running on the system see a single unified file system. The Linux VFS lets users mount many different file systems at the same time, transparently.
A special type of Linux file system, the /proc file system, exists only in memory and occupies no disk space. It provides an interface for accessing kernel data in the form of a file system. /proc is a pseudo file system: users and applications can obtain system information through /proc and change certain kernel parameters.
In Linux, EXT2, the virtual file system, and /proc are three representative file systems, and this paper studies the Linux file system mechanism by analyzing them. Based on the analysis of these three file systems, we will study the Linux file system operations (this paper selects the open and close operations for study). The second part introduces the EXT2 file system; the third part discusses the characteristics of the virtual file system; the fourth part briefly introduces the /proc file system; finally, the implementation of the two specific file system operations is introduced.
EXT2 File System

In Linux, regular files and directory files are stored on block devices such as disks or tapes. A Linux system supports several physical disks, and each physical disk can hold one or more file systems (similar to disk partitions on a microcomputer). Each file system consists of a sequence of logical blocks. The logical disk space is generally divided into several parts for different purposes: the boot block, the super block, the inode zone, and the data zone.
Boot block: at the beginning of the file system, usually one sector, which stores the boot program used to load and start the operating system. Super block: records the management information of the file system; each file system type defines its own super block. inode (index node): each file or directory occupies one index node; the first index node is the root node of the file system, and the root node can be used to mount a file system onto a non-leaf node of another file system. Data zone: stores file data or management data.
The first file system type introduced in Linux was MINIX. The MINIX file system is defined by the MINIX operating system and has certain limitations: for example, a file name can contain at most 14 characters and the file system can be at most 64 MB. The first file system designed specifically for Linux was EXT (Extended File System), but EXT2 is currently the most popular.
The second extended file system, designed by Rémy Card, aims to provide Linux with a powerful, extensible file system, and it is also the most successful Linux file system. The EXT2 super block is reached through the VFS super block (struct ext2_sb_info ext2_sb), and the EXT2 inode through the VFS inode (struct ext2_inode_info ext2_i).
The source code of the EXT2 file system is in the /usr/src/linux/fs/ext2 directory; its data structures are defined in /usr/src/linux/include/linux/ext2_fs.h and in ext2_fs_i.h and ext2_fs_sb.h in the same directory.
The EXT2 file system divides the logical partition it occupies into block groups, as shown below:

Logical partition:
  | Group 0 | Group 1 | ............ | Group N |

Each block group:
  | Super Block | Group Descriptor Table | Block bitmap | Inode bitmap | Inode table | Data Block |

Like many file systems, EXT2 is built on the premise that a file's data is stored in data blocks. All blocks in a file system have the same length, which is chosen when the file system is created with mke2fs. Every file occupies a whole number of blocks: if the block size is 1024 bytes, a 1025-byte file occupies two 1024-byte blocks, so about half of the second block is wasted. We usually have to compromise between CPU usage and disk space usage, and most operating systems, including Linux, accept a relatively low disk space utilization to reduce CPU workload. Not every block that belongs to a file contains file data; some blocks hold information about the structure of the file itself. EXT2 uses an inode structure to describe the files in the file system and to determine the topology of the file system. The inode structure describes which blocks hold the file's data, the access permissions of the file, the file modification time, and the file type. Each file in the EXT2 file system is represented by an inode, and each inode has a unique number. All inodes in the file system are stored in the inode table. An EXT2 directory is simply a special file containing pointers to its directory entries (each of which is also represented by an inode).
For a file system, a file is only a series of data blocks that can be read and written. The file system does not need to know where data blocks are placed on the physical medium; that is the device driver's job. Whenever the file system needs to read information or data from the block device that contains it, it asks the underlying device driver to read a whole number of basic-size blocks. The EXT2 file system divides the logical partition it uses into block groups. Each block group holds a copy of the information most important to the integrity of the file system, together with the actual files and directories as information and data blocks. These copies are necessary in order to repair the file system after a catastrophic event.
Comparison with windows

Similarities
Users and groups
Linux is a multi-user, multi-tasking operating system, while Windows is a single-user, multi-tasking operating system. Linux can be used by many different users and provides a separate environment and resources for each of them. Security is controlled based on user identity. Resource access permissions can be controlled by group membership, so that when there are many users you do not have to set permissions for each account.
Users and groups can be centrally managed to allow multiple servers to share the same user and authentication data.
File System
Both Linux and Windows support multiple file systems. File resources can be shared with other clients through NetBIOS, FTP, or other protocols. Individual file systems can be organized flexibly, and the administrator decides where they can be accessed.
Ports and devices
Both operating systems support ports for various physical devices, such as parallel, serial, and USB ports, and various controllers, such as IDE and SCSI controllers. Linux also supports a great deal of standard hardware of the kinds just listed.
Network
Both Linux and Windows support multiple network protocols, such as TCP/IP, NetBIOS, and IPX, and multiple types of network adapters. Both can share resources such as files and printers over the network, and both can provide network services such as DHCP and DNS.
Service
Both Linux and Windows provide services. A service is an application running in the background that provides functions to the local system and to computers that call it remotely. These programs can be controlled independently and started automatically during system boot. (Note: Linux follows the Unix habit of calling such an application a daemon.)
Differences
Linux applications target networks rather than printing
When Windows first appeared, the world was still a world of paper. One of Windows's great achievements is that you can easily see and print your work results. Such a beginning affects the later development of Windows.
Similarly, Linux is also affected by its origins. Linux is designed for network operating systems. Its design is inspired by the Unix operating system, so its command design is simple, or concise. Because plain text can work well across networks, Linux configuration files and data are based on text.
For those familiar with the graphic environment, the Linux server may be relatively primitive. However, Linux development focuses more on its internal functions than on the surface. Even in a text-only environment, Linux has extremely advanced network, script, and security capabilities. Some seemingly strange steps required to execute some tasks are confusing unless you realize that Linux expects to work with other Linux systems on the network to execute these tasks. The automatic execution capability of Linux is also very strong. You only need to design the batch processing file so that the system can automatically complete very detailed tasks. Linux's ability comes from its text-based nature.
Optional GUI
Linux has graphical components. Linux supports high-end graphics adapters and monitors and is fully qualified for graphics-related work. Today, many digital effects artists do their design on Linux workstations, work that previously had to be done on IRIX systems. However, the graphical environment is not integrated into Linux; it is a separate layer running on top of the system. This means that you can run the GUI only when needed. If the main task of your system is to provide Web applications, you can stop the graphical interface and use the memory and CPU resources it occupied for your service. If you need to do some work in the GUI environment, you can start it and close it again after the work is completed.
Linux provides graphical management tools and daily office tools, such as email clients, Web browsers, and document processing tools. However, in Linux, graphical management tools are usually extensions of the console (command line) tools. That is to say, all the work that can be done with graphical tools can also be done with console commands. Likewise, using graphical tools does not prevent you from editing the configuration files by hand. The practical significance of this may not be obvious at first. However, because anything you do in a graphical management tool can also be done on the command line, those jobs can also be implemented by a script, and script-based commands can be executed automatically. Linux supports both methods at the same time and does not require you to use only text or only the GUI; you can choose the best method for your needs.
The configuration file in Linux is a human-readable text file, which is similar to the INI file in Windows in the past, but essentially different from the Windows registry mechanism. Each application has its own configuration file, which is usually not put together with other configuration files. However, most of the configuration files are stored in a single place under a directory tree (/etc), so it looks like they are logically together. The text file configuration method allows you to back up, check, and edit the configuration file without using special system tools.
File name extension
Linux does not use file name extensions to identify file types. Instead, Linux identifies the type from the file header content. To improve human readability you can still use file name extensions, but the Linux system itself does not rely on them. Some applications, such as Web servers, may use naming conventions to identify file types; however, that is a requirement of the specific application, not of the Linux system.
Linux uses the file access permission to determine whether a file is executable. Any file can be assigned executable permissions, so that the creator or administrator of programs and scripts can recognize them as executable files. This is conducive to security. Executable files saved to the system cannot be automatically executed, which can prevent many script viruses.
Rebooting is the final means
If you have been using Windows for a long time, you may be used to restarting the system for various reasons (from software installation to service troubleshooting). In Linux, this habit needs to change. Linux essentially follows Newton's law of motion: once it starts running, it keeps running until it is affected by an external factor, such as a hardware fault. In fact, the Linux system is designed so that the kernel does not crash, so you do not have to reboot frequently (compared with the design of the Windows system). Apart from the Linux kernel itself, you do not need to reboot the system to install, start, stop, or reconfigure other software.
If you reboot a Linux system, the problem may not be solved, and the reboot may make the problem worse. Learning and understanding Linux services and run levels is the key to a successful solution. The most difficult thing about learning Linux is overcoming the habit of rebooting the system.
In addition, you can remotely complete a lot of work in Linux. As long as some basic network services are running, you can access the system. In addition, if a specific service in the system has a problem, you can continue to run other services while performing troubleshooting. This management method is very important when you run multiple services on a system at the same time.
All Linux commands and options are case sensitive.

2. Hidden permissions of the EXT2 file system
In addition to setting the read (r), write (w), and execute (x) permissions on files or directories, files with special requirements (such as server logs) can also be given hidden permission settings. These hidden permissions (attributes) include:
① append only (a)
② compressed (c)
③ no dump (d)
④ immutable (i)
⑤ data journalling (j)
⑥ secure deletion (s)
⑦ no tail-merging (t)
⑧ undeletable (u)
⑨ no atime updates (A)
⑩ synchronous directory updates (D)
⑪ synchronous updates (S)
⑫ top of directory hierarchy (T)
3. Viewing and modifying hidden permissions
You can use lsattr to view the hidden permissions of an object.
[root]# lsattr --help
You can use chattr to set the hidden permissions of an object.
[root]# chattr --help
1. lsattr command
lsattr command format:
[root]# lsattr [-RVadlv] [files...]
Description of parameters or options:
-R: recursively lists the attributes of directories and their contents.
-V: displays the program version number.
-a: lists all files, including hidden files (names starting with .), the current directory (./), and the parent directory (../).
-d: lists the attributes of a directory itself rather than of its contents.
-l: (this parameter does not work currently).
-v: displays the file or directory version.
2. chattr command
Let's take an example:
[root]# touch chattr_test
[root]# chattr +i chattr_test
[root]# rm chattr_test
rm: remove write-protected regular empty file 'chattr_test'? y
rm: cannot remove 'chattr_test': Operation not permitted
In this case, even root itself cannot delete the file directly. You must first remove the i attribute before deleting it.
The online help of the chattr command details the applicability of the various options and known bugs. It is recommended that you check the options carefully when using chattr.
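A small audit script for the attributes just described, added here as an example (it is not part of the original article and not code from e2fsprogs). It parses lsattr output, which the article reads by hand, into a per-path set of attributes and compares the append-only and immutable flags against a baseline; SAMPLE_LSATTR and BASELINE are constructed, and audit_live runs the real lsattr command on a live system.

```python
"""Parse lsattr output and audit the attributes the article calls hidden permissions.

Added example, not code from the original article. lsattr prints one line per file:
a field of attribute letters ('-' where an attribute is clear), a space, then the path.
"""
import subprocess
from typing import Dict, List, Set

# Letters as listed in the article, plus 'e' (extents), which newer e2fsprogs
# shows on ext4 files and which is not a permission at all.
ATTRIBUTE_NAMES = {
    "a": "append only", "c": "compressed", "d": "no dump", "i": "immutable",
    "j": "data journalling", "s": "secure deletion", "t": "no tail-merging",
    "u": "undeletable", "A": "no atime updates", "D": "synchronous directory updates",
    "S": "synchronous updates", "T": "top of directory hierarchy", "e": "extents",
}
# a and i override ordinary permissions: as the chattr_test example shows, even root
# cannot change or delete such a file until the attribute is cleared, so a file that
# carries them unexpectedly deserves a second look.
REVIEW_ATTRIBUTES: Set[str] = {"a", "i"}

# Constructed sample lsattr output (not captured from a real host).
SAMPLE_LSATTR = """\
----i--------e-- /etc/passwd
-----a-------e-- /var/log/secure
-------------e-- /var/log/messages
----i--------e-- /usr/local/bin/helper
"""
# Hypothetical baseline: the review attributes each path is expected to carry.
BASELINE: Dict[str, Set[str]] = {"/etc/passwd": {"i"}, "/var/log/secure": {"a"}}


def parse_lsattr_line(line: str) -> tuple:
    """Return (path, set of attribute letters) for one lsattr output line."""
    field, _, path = line.partition(" ")
    if not path:
        raise ValueError(f"not an lsattr line: {line!r}")
    return path, {ch for ch in field if ch != "-"}


def parse_lsattr_output(text: str) -> Dict[str, Set[str]]:
    """Map every path in lsattr output to its set of attributes."""
    result: Dict[str, Set[str]] = {}
    for line in text.splitlines():
        if not line.strip() or line.endswith(":"):
            continue  # blank lines and the "dir:" headers printed by lsattr -R
        path, attrs = parse_lsattr_line(line)
        result[path] = attrs
    return result


def describe(attrs: Set[str]) -> List[str]:
    """Spell out attribute letters with the names used in the article."""
    return [ATTRIBUTE_NAMES.get(ch, f"unknown flag {ch!r}") for ch in sorted(attrs)]


def audit(text: str, baseline: Dict[str, Set[str]]) -> List[str]:
    """Paths whose a/i attributes differ from the baseline (extra or missing)."""
    parsed = parse_lsattr_output(text)
    return sorted(p for p in set(parsed) | set(baseline)
                  if parsed.get(p, set()) & REVIEW_ATTRIBUTES != baseline.get(p, set()))


def audit_live(paths: List[str], baseline: Dict[str, Set[str]]) -> List[str]:
    """Same check against the real lsattr (e2fsprogs); -d lists a directory itself."""
    out = subprocess.run(["lsattr", "-d", *paths], capture_output=True, text=True, check=True)
    return audit(out.stdout, baseline)


if __name__ == "__main__":
    print(audit(SAMPLE_LSATTR, BASELINE))  # ['/usr/local/bin/helper']
```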
4. Special permissions for files: SUID/SGID/Sticky Bit
Together with the umask value (0022) described above, this shows that some special permission rules exist. These permissions are SUID, SGID, and the Sticky Bit, and examples of them exist directly in the system:
[root]# ls -dl /tmp
drwxrwxrwt 342 root 36864 Jun 14 /tmp
[root]$ ll /usr/bin/passwd
-rwsr-xr-x 1 root 27768 Jul 17 2006 /usr/bin/passwd
1. SUID (Set UID)
A. To improve the security of local user account information, Linux stores user account information with encrypted passwords in /etc/shadow (the shadow file), and the default permission of this file is -r--------: only the superuser can read the file, and other users have no permission at all. But then why can we change our own password as a normal user? After all, updating the password must write to /etc/shadow.
B. Look at the previous example (/usr/bin/passwd). When the executable bit (x) in the owner permission triad is replaced by s (rws------), this forms the special permission rule Set UID, abbreviated SUID.
C. SUID means that when a program carrying the SUID permission is executed, the process temporarily has the access permissions of the program's owner (for that program). Suppose normal user A updates his password with the passwd command, and the owner of /usr/bin/passwd is root; when A runs passwd he temporarily obtains root's permissions (for /usr/bin/passwd) and can thus update the contents of /etc/shadow.
D. Linux honours SUID only on binary executable files; it does not apply to shell scripts, since a shell script only schedules a combination of binary executables and ultimately follows the permission settings of those binaries.
2. SGID (Set GID)
Compared with SUID, when the executable bit (x) in the permission triad of the owner's user group (group) is replaced by s (for example ---rws---), the Set GID permission is formed. SGID can be set on binary files or on directories:
A. Binary executable file: when this file (program) is executed, the effective group of the requesting user temporarily becomes the group ID of the program (binary file), so the process gains that group's access permissions.
B. Directory: suppose directory A has SGID set; the group ID of files or subdirectories created under directory A is automatically set to the group ID of directory A.
SGID is mainly used for projects developed by several people and is otherwise rarely used.
3. Sticky Bit
When the executable bit (x) in the "other (others)" permission triad is replaced by t (for example ------rwt), this forms the Sticky Bit (SBIT) permission setting. SBIT, as its name suggests, restricts access and is easy to understand and use. It is only effective on directories. When SBIT is applied to directory A and a user has w and x permissions on directory A, the files (including directories) that user creates under directory A can be deleted, renamed, or moved only by that user or by root (whether they are readable still depends on the actual r permission).
From the /tmp directory mentioned above, let's perform a simple test:
[root]# ls -dl /tmp
drwxrwxrwt 342 root 36864 Jun 14 /tmp
[root]# cd /tmp
[root]# touch orange
[root]# chmod 777 orange (note that all permissions on orange are enabled here)
[root]# logout (exit root and log on as a normal user)
[console]$ cd /tmp
[console]$ rm orange
rm: cannot remove 'orange': Operation not permitted

Note: SBIT generally only has meaning for directories.
5. Setting the special permissions
Next, we briefly introduce how to set the special permissions above. If you have mastered the rules for expressing permissions as (octal) numbers, it is easy to configure them with the chmod command. The following are the octal values assigned to SUID/SGID/Sticky Bit by convention:
* SUID: 4
* SGID: 2
* SBIT: 1
When setting, we place the digit representing the special permission before the other three permission digits. The following is an example:
[root]# touch banana; ll banana
-rw-r--r-- 1 root 8083 0 Jun 16 banana
[root]# chmod 4775 banana; ll banana
-rwsrwxr-x 1 root 8083 0 Jun 16 banana (note that SUID is only valid for binary files)
[root]# chmod 6775 banana; ll banana
-rwsrwsr-x 1 root 8083 0 Jun 16 banana (note the permission combination)
[root]# chmod 1775 banana; ll banana
-rwxrwxr-t 1 root 8083 0 Jun 16 banana (note that SBIT is generally only meaningful for directories)
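The octal prefix, the s/t letters, and the "only meaningful for binaries / directories" caveats from the SUID, SGID, and Sticky Bit sections above, worked through in Python as an added example that is not part of the original article. It generalizes the chmod 4775 / 6775 / 1775 sequence to any mode, including the uppercase S/T that ls prints when the execute bit itself is clear; the ELF-magic check in inspect_path is my assumption of how to tell a binary from a script, not something the article specifies.

```python
"""Encode/decode the SUID, SGID and Sticky Bit prefix digits (4 / 2 / 1) described above.

Added example, not code from the original article. It reproduces the chmod 4775 / 6775 /
1775 demonstration without touching the disk and also covers a case the article does
not show: ls prints S or T (uppercase) when a special bit is set but the execute bit is clear.
"""
import os
import stat

SUID, SGID, SBIT = 0o4000, 0o2000, 0o1000  # the 4 / 2 / 1 prefix digits
# (shift of the rwx triad, special bit shown in its x slot, letter ls prints there)
_TRIADS = ((6, SUID, "s"), (3, SGID, "s"), (0, SBIT, "t"))


def mode_to_string(mode: int, is_dir: bool = False) -> str:
    """Return the 10-character permission string ls -l prints for mode."""
    out = ["d" if is_dir else "-"]
    for shift, special, letter in _TRIADS:
        bits = (mode >> shift) & 0o7
        out.append("r" if bits & 4 else "-")
        out.append("w" if bits & 2 else "-")
        if mode & special:  # s/t replaces x; uppercase means x itself is not set
            out.append(letter if bits & 1 else letter.upper())
        else:
            out.append("x" if bits & 1 else "-")
    return "".join(out)


def string_to_mode(perm: str) -> int:
    """Inverse of mode_to_string: 'rwsrwsr-x' or '-rwsrwsr-x' -> 0o6775."""
    if len(perm) == 10:
        perm = perm[1:]  # drop the file-type character
    if len(perm) != 9:
        raise ValueError(f"expected 9 permission characters, got {perm!r}")
    mode = 0
    for (shift, special, letter), pos in zip(_TRIADS, (0, 3, 6)):
        r, w, x = perm[pos], perm[pos + 1], perm[pos + 2]
        bits = (4 if r == "r" else 0) | (2 if w == "w" else 0)
        if x.lower() == letter:  # s/S or t/T in the execute slot
            mode |= special
            bits |= (1 if x.islower() else 0)
        elif x == "x":
            bits |= 1
        elif x != "-":
            raise ValueError(f"unexpected character {x!r} in {perm!r}")
        mode |= bits << shift
    return mode


def special_bit_notes(mode: int, is_dir: bool, is_elf: bool) -> list:
    """Special bits that, per the article, have no effect on this kind of object."""
    notes = []
    if is_dir and mode & SUID:
        notes.append("SUID on a directory has no effect on Linux")
    if not is_dir and mode & SBIT:
        notes.append("Sticky bit on a regular file has no effect on Linux")
    if not is_dir and mode & (SUID | SGID) and not is_elf:
        notes.append("SUID/SGID is honoured only on binaries, not on scripts")
    return notes


def inspect_path(path: str) -> tuple:
    """Apply the above to a real path: (ls-style string, list of notes)."""
    st = os.lstat(path)
    is_dir, is_elf = stat.S_ISDIR(st.st_mode), False
    if stat.S_ISREG(st.st_mode):
        with open(path, "rb") as fh:
            is_elf = fh.read(4) == b"\x7fELF"  # ELF magic, as `file` checks
    mode = stat.S_IMODE(st.st_mode)
    return mode_to_string(mode, is_dir), special_bit_notes(mode, is_dir, is_elf)
```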
6. The file command: identifying file types
1. Application example:
[root]# file ~/.bashrc
/home/b/j/console/.bashrc: ASCII text
[root]# file /usr/bin/passwd
/usr/bin/passwd: setuid ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped
[root]# file /usr/lib/python2.4/test/185test.db
/usr/lib/python2.4/test/185test.db: Berkeley DB 1.85 (Hash, version 2, big-endian)
2. file is a command that identifies file types. Its simplest usage is: file filename. For example, "file data.txt" prints "data.txt: ASCII text", meaning that data.txt is a text (txt) file encoded in ASCII: "text" is the file type and "ASCII" is the encoding.
3. Another example: "file myworkshop" prints "myworkshop: PDF document, version 1.5". "PDF document" tells us that myworkshop is a PDF file, and "version 1.5" gives the version of the PDF standard it follows; like "ASCII" above, the version is closely tied to the file type. If you need more detailed information, you can add options, for example:

file -i data.txt