Each file or directory in Linux has three general permissions and some special permissions, and there are three types of users who can access the file: the file owner, users in the same group as the owner, and other users.
Commands for viewing file permissions:
ls -l View the permissions of all files in the current directory
ls -l filename View the permissions of the named file
The output looks like this:
-rw-r--r-- 1 root root filename
Explanation of the output:
The first character is typically used to differentiate between files and directories:
d: Represents a directory, in fact, in EXT2FS
-: Indicates that this is an ordinary file.
l: Indicates that this is a symbolic link file, which in fact points to another file.
b, c: Represent block devices and other peripherals, respectively; these are special types of files.
s, p: These files relate to the system's data structures and pipes, and are rarely seen.
Characters 2 through 10 are nine characters in three groups of three (3 3 3), which have the following meanings:
r (read): For a file, permission to read the contents of the file; for a directory, permission to browse the directory.
w (write): For a file, permission to create and modify the file's contents; for a directory, permission to delete and move files inside the directory.
x (execute): For a file, permission to execute the file; for a directory, permission to enter the directory.
-: Indicates that the item does not have permission.
Each user has his or her own directory, usually placed under the /home directory. The default permissions for these private directories are rwx------, which indicates that the directory owner has all permissions and other users cannot enter the directory.
A directory created with the mkdir command has default permissions of rwxr-xr-x, and the user can modify the permissions of the directory as needed.
Special permissions:
s or S (SUID, Set UID): An executable file with this permission is privileged to access any system resource that the owner of the file can use. Pay attention to files that have the SUID permission: hackers often take advantage of this permission, using SUID files owned by the root account to silently open a back door in the system for future access and use.
s or S (SGID, Set GID): Set on a file, the effect is the same as SUID, except that the user group takes the place of the file owner: the file can access any system resource that the entire user group can use.
t or T (Sticky): The /tmp and /var/tmp directories are for all users to temporarily store files; that is, each user has full access to the directory to browse, delete and move files. The sticky bit on these directories restricts deleting or renaming a file to the file's owner, the directory's owner, and root.
Because SUID, SGID and Sticky occupy the x position, letter case is used to represent them. If execute permission is turned on together with SUID, SGID or Sticky, the permission character is lowercase:
-rwsr-sr-t 1 root root
If execute permission is turned off, the character is capitalized:
-rwSr-Sr-T 1 root root
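A defender's check for the SUID concern described above, as an added example that is not part of the original article. The function name audit_setid and its flag labels are assumptions; it also assumes the usual `ls -ln` field layout in the C locale and paths without newlines.

```shell
#!/bin/sh
# audit_setid DIR: list every regular file under DIR that has SUID or SGID
# set, one per line as "MODE uid=UID FLAGS PATH", so the result can be
# compared against a known-good baseline.
#   root-suid          : SUID file owned by UID 0 (runs with root's rights)
#   non-owner-writable : group or others may modify the file
audit_setid() {
    LC_ALL=C find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec ls -ldn {} + |
    while read -r mode links uid gid size mon day tm path; do
        # keep the 10 mode characters, drop any ACL/SELinux suffix (+ or .)
        mode=$(printf '%s' "$mode" | cut -c1-10)
        flags=""
        # character 4 is the owner's x slot: s or S there means SUID
        case $mode in
            ???[sS]*) if [ "$uid" -eq 0 ]; then flags="root-suid"; fi ;;
        esac
        # character 6 is group write, character 9 is other write
        case $mode in
            ?????w*|????????w*) flags="${flags:+$flags,}non-owner-writable" ;;
        esac
        printf '%s uid=%s %s %s\n' "$mode" "$uid" "${flags:--}" "$path"
    done
}

# Run against a directory given on the command line, e.g.: sh audit.sh /usr/bin
if [ "$#" -gt 0 ]; then
    audit_setid "$1"
fi
```

Saving the output of a known-good system and diffing later runs against it shows any set-ID file that has appeared or changed mode.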
Modifying permissions with the chmod command:
There are two ways to use this command. One is the text setting method, which uses letters and operator expressions; the other is the numeric setting method, which uses numbers.
1. Text setting method
chmod [who] [+ | - | =] [mode] filename
The meanings of the options in the command are:
The action object who is any one or a combination of the following letters:
u means "user", which is the owner of the file or directory.
g means "same group user", that is, all users who have the same group ID as the file owner.
o means "other users".
a means "all users". It is the system default value.
The operation symbols can be:
+ Add a permission.
- Cancels a permission.
= Grants the given permission and cancels all other permissions, if any.
The permissions represented by mode can be any combination of the following letters:
r: readable.
w: writable.
x: executable.
X: append the x attribute only if the target file is executable for some users, or if the target file is a directory.
s: when the file is executed, sets the owner or group ID of the process to that of the file's owner. "u+s" sets the user ID bit of the file; "g+s" sets the group ID bit.
t: save the program's text to the swap device.
u: the same permissions as the owner of the file.
g: the same permissions as users in the same group as the file owner.
o: the same permissions as other users.
Filename: a space-separated list of the files whose permissions are to be changed; wildcard characters are supported.
Multiple permission settings can be given in one command line, separated by commas. Example: chmod g+r,o+r example
This gives users in the same group and other users read access to the file example.
2. Numeric setting method
chmod [mode] filename
Here mode is a three-digit value: the numeric attribute consists of 3 octal digits from 0 to 7, in the order (u)(g)(o).
r: corresponding value 4
w: corresponding value 2
x: corresponding value 1
-: Corresponding value 0
Example: rwx r-x r--: for user u, the permission is 4+2+1=7; for user g, the permission is 4+0+1=5; for user o, the permission is 4+0+0=4.
Explanation:
Treat rwx as a binary number, where a permission that is present is written as 1 and one that is absent as 0; then rwx r-x r-- can be represented as:
111 101 100. Converting each group of three bits to a decimal number gives 754.
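The numeric method and the upper/lowercase rule for SUID, SGID and Sticky, combined in one added example that is not part of the original article. The function name mode_to_octal is an assumption, and it goes one step beyond the three-digit form by printing a leading fourth digit for the special bits (SUID=4, SGID=2, Sticky=1).

```shell
#!/bin/sh
# mode_to_octal MODE: convert the 10-character mode field shown by `ls -l`
# (for example -rwsr-sr-t) into four octal digits: special, user, group, other.
mode_to_octal() {
    perms=${1#?}                      # drop the file-type character (-, d, l, ...)
    [ "${#perms}" -eq 9 ] || return 1
    special=0
    digits=""
    weight=4                          # special-bit value for this triplet: 4, 2, 1
    while [ -n "$perms" ]; do
        rest=${perms#???}
        triplet=${perms%"$rest"}      # next three characters
        perms=$rest
        # s/S is only valid for user and group, t/T only for other
        case $weight:$triplet in 1:??[sS]|[42]:??[tT]) return 1 ;; esac
        d=0
        case $triplet in r??) d=$((d + 4)) ;; -??) ;; *) return 1 ;; esac
        case $triplet in ?w?) d=$((d + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $triplet in
            ??x) d=$((d + 1)) ;;
            ??-) ;;
            ??[st]) d=$((d + 1)); special=$((special + weight)) ;;  # lowercase: x on
            ??[ST]) special=$((special + weight)) ;;                # uppercase: x off
            *) return 1 ;;
        esac
        digits=$digits$d
        weight=$((weight / 2))
    done
    printf '%s%s\n' "$special" "$digits"
}

# Mode strings taken from the examples in the text above
for m in -rw-r--r-- -rwxr-xr-- -rwsr-sr-t -rwSr-Sr-T; do
    printf '%s -> %s\n' "$m" "$(mode_to_octal "$m")"
done
```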
Linux File permissions issues