Linux Basics: Day Four

Source: Internet
Author: User


Special permissions on the Linux file system

SUID, SGID, Sticky


Permissions

r, w, x

User, group, other



Security context

Premise: a process has an owner and a group;

(1) Whether an executable program file can be started as a process depends on whether the initiator has execute permission on the program file;

(2) Once the process is started, its owner is the initiator and its group is the initiator's group;

(3) When a process accesses a file, the permissions that apply depend on the initiator of the process:

(a) If the initiator of the process is the owner of the file, the file's owner permissions apply;

(b) If the initiator of the process belongs to the file's group, the file's group permissions apply;

(c) Otherwise, the file's "other" permissions apply;



SUID

(1) Whether an executable program file can be started as a process depends on whether the initiator has execute permission on the program file;

(2) Once the process is started, the owner of the process is the owner of the program file, not the initiator;


Permission settings:

chmod u+s FILE ...

chmod u-s FILE ...


SGID

By default, when a user creates a file, the file's group is the user's primary group;

Once SGID has been set on a directory, files created in that directory by users who have write permission on it belong to the directory's group instead;


Permission settings:

chmod g+s DIR ...

chmod g-s DIR ...


Sticky

For a directory that several users can write to, if the sticky bit is set, each user can delete only their own files;


Permission settings:

chmod o+t DIR ...

chmod o-t DIR ...


How the bits appear in the mode string:

SUID: user, occupies the owner's execute permission position;

s: the owner has x permission

S: the owner does not have x permission

SGID: group, occupies the group's execute permission position;

s: the group has x permission

S: the group does not have x permission

Sticky: other, occupies other's execute permission position;

t: other has x permission

T: other does not have x permission
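The s/S and t/T rules above can be checked directly, and the same bits are what a permissions audit looks for. This is an added example, not part of the original page; the function and file names are hypothetical, every file is constructed in a fresh temp directory, and it uses `chmod +t` (the form without a who-prefix) for the sticky bit.

```shell
#!/bin/sh
# Added example: everything happens in a fresh temp directory (constructed files).

# Mode string of a path exactly as `ls -l` prints it (first 10 characters).
mode_string() { ls -ld "$1" | cut -c1-10; }

# Create one entry per special bit, with and without x in the same slot.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    touch "$d/suid_x" "$d/suid_nox"
    mkdir "$d/sgid_x" "$d/sgid_nox" "$d/sticky_x" "$d/sticky_nox" "$d/open_dir"
    chmod 755 "$d/suid_x";     chmod u+s "$d/suid_x"      # owner x set   -> s
    chmod 644 "$d/suid_nox";   chmod u+s "$d/suid_nox"    # owner x unset -> S
    chmod 775 "$d/sgid_x";     chmod g+s "$d/sgid_x"      # group x set   -> s
    chmod 764 "$d/sgid_nox";   chmod g+s "$d/sgid_nox"    # group x unset -> S
    chmod 777 "$d/sticky_x";   chmod +t  "$d/sticky_x"    # other x set   -> t
    chmod 776 "$d/sticky_nox"; chmod +t  "$d/sticky_nox"  # other x unset -> T
    chmod 777 "$d/open_dir"                               # world-writable, no sticky
    echo "$d"
}

# Audit helper: every entry under DIR that carries SUID or SGID.
find_setid() { find "$1" \( -perm -4000 -o -perm -2000 \) | sort; }

# Audit helper: world-writable directories that lack the sticky bit.
find_unsticky_dirs() { find "$1" -type d -perm -0002 ! -perm -1000 | sort; }

demo=$(make_demo_tree)
for p in suid_x suid_nox sgid_x sgid_nox sticky_x sticky_nox open_dir; do
    printf '%s  %s\n' "$(mode_string "$demo/$p")" "$p"
done
echo "set-id entries:";               find_setid "$demo"
echo "writable dirs without sticky:"; find_unsticky_dirs "$demo"
rm -rf "$demo"
```

An uppercase S or T in a listing means the special bit is set but the execute bit underneath it is not.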


The difference between a hard link and a soft link

A file on Linux is divided into two parts: user data and metadata. User data, that is, the file's data blocks, is where the real content of the file is recorded, while metadata holds the file's attributes, such as file size, creation time, owner, and so on. In Linux, the inode number in the metadata (the inode is part of the file metadata but does not contain the file name; the inode number is the index node number) is the unique identifier of the file, not the file name. The file name exists only for people's convenience in remembering and using the file; the system or a program finds the correct file data blocks through the inode number.


To allow files to be shared, the Linux system introduces two kinds of link: the hard link and the soft link (also known as a symbolic link). Besides solving shared use of files, links also bring benefits such as hiding file paths, improving permission security and saving storage. If one inode number corresponds to more than one file name, those files are called hard links. In other words, a hard link is the same file under multiple aliases.



Because hard links are files with the same inode number and only a different file name, hard links have the following characteristics:

The files have the same inode and data blocks;

A hard link can only be created to a file that already exists;

A hard link cannot be created across file systems;

A hard link cannot be created to a directory, only to a file;

Deleting one hard-linked file does not affect the other files that have the same inode number.


A soft link differs from a hard link: a file is a soft link if the content of its user data block is the path name of another file. A soft link is a normal file, but the content of its data block is a bit special. Soft links have their own inode numbers and user data blocks, which gives them the following characteristics:

Soft links have their own file attributes and permissions, etc.;

You can create a soft link to a nonexistent file or directory;

Soft links can cross file systems;

Soft links can be created to files or directories;

When you create a soft link, the link count i_nlink does not increase;

Deleting a soft link does not affect the file being pointed to, but if the original file being pointed to is deleted, the associated soft link is called a dead link (that is, a dangling link; if a file is created again at the path it points to, the dead link reverts to a normal soft link).
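The hard-link and soft-link characteristics listed above can be observed through inode numbers and link counts. This is an added example, not part of the original page; the function and file names are hypothetical and all files are constructed in a fresh temp directory.

```shell
#!/bin/sh
# Added example: works only inside a fresh temp directory (constructed files).

inode_of()   { ls -di "$1" | awk '{print $1}'; }   # inode of the name itself
link_count() { ls -ld "$1" | awk '{print $2}'; }   # i_nlink as shown by ls -l

# Classify a path: symlink, dangling symlink, hard-linked file, or plain entry.
link_kind() {
    if [ -L "$1" ]; then
        if [ -e "$1" ]; then echo symlink; else echo dangling; fi
    elif [ -f "$1" ] && [ "$(link_count "$1")" -gt 1 ]; then
        echo hardlinked
    else
        echo plain
    fi
}

make_link_demo() {
    d=$(mktemp -d) || return 1
    echo "original data" > "$d/target"
    ln    "$d/target" "$d/hard"     # second name for the same inode
    ln -s target      "$d/soft"     # new inode whose data is the path "target"
    ln -s missing     "$d/early"    # soft link to a path that does not exist
    echo "$d"
}

show() {
    for n in target hard soft early; do
        [ -e "$1/$n" ] || [ -L "$1/$n" ] || continue
        printf '%-7s inode=%s links=%s kind=%s\n' "$n" \
            "$(inode_of "$1/$n")" "$(link_count "$1/$n")" "$(link_kind "$1/$n")"
    done
}

demo=$(make_link_demo)
show "$demo"
rm "$demo/target";                echo "--- after rm target";          show "$demo"
echo "restored" > "$demo/target"; echo "--- after recreating target";  show "$demo"
rm -rf "$demo"
```

After `target` is removed, `hard` still holds the data with a link count of 1, while `soft` dangles until a file exists at that path again.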

