Linux User Management about linux-knowledgebase HOT 1 OPEN

File Permissions

Ps: You need root privilege to perform commands.

• We can use ls -l (list long format) command to view the permissions of files/directories under the current directory. The output would be like:
  drwxr-xr-x 5 alex root 4096 Feb 3 05:02 dir/
-rw-r--r-- 1 alex root 0 Feb 3 05:00 file.txt
  For each line, the first character identifies the type of entry being listed. A dash - represents a file, a letter d represents a directory.

  The next 9 characters represent 3 sets of permissions:

  • The first three represent the permissions for the user who owns the file/directory.(user permissions)
  • The middle three represent the permissions for the members of the file/directory's group(group permissions)
  • The last three represent the permissions for anyone not in the first two cacategories(other permissions)

  There are three characters in each set of permissions:

  • r: Read permissions. The file can be opened, and its content viewed.
  • w: Write permissions. The file can be edited, modified, and deleted.
  • x: Execute permissions. If the file is a script or a program, it can be run (executed).

• Sticky Bit
  A Sticky bit is a permission bit that is set on a file or a directory that lets only the owner of the file/directory or the root user to delete or rename the file. No other user is given privileges to delete the file created by some other user.
  chmod +t file/dir turn ON the sticky bit on the directory/file by using +t flag of chmod command. Here is what happens after performing the command:
  drwxrwxrwt 2 alex root 4096 Feb 3 05:02 test/ as can be observed, a t is introduced in the permission bit of the directory.
  You can remove sticky bit through -t option: chmod -t file/dir

• setuid and setgid
  setuid and setgid (short for "set user ID" and "set group ID") are Unix access rights flags that allow users to run an executable with the permissions of the executable's owner or group respectively and to change behaviour in directories. They are often used to allow users on a computer system to run programs with temporarily elevated privileges in order to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific.

  chmod u+s test set setuid bit on file "test". This means to provide anyone who runs test with owner's permission(you login as the owner at that moment).
  The permission sets will change. As can be observed, 's' replaces 'x'. The setuid bit is represented by an 's' in place of the 'x' of the executable bit.
  -rwxr-xr-x (before executing the command)
  -rwsr-xr-x (after)

  chmod g+s test give the group’s permissions to anyone who runs the program.(you log in as a member of the that group at the moment)
  -rwsr-sr-x This time, the 's' is present in place of 'x' on group sector.

Reference:
https://www.howtogeek.com/437958/how-to-use-the-chmod-command-on-linux/
https://www.thegeekstuff.com/2013/02/sticky-bit/
https://en.wikipedia.org/wiki/Setuid
http://catcode.com/teachmod/setuid.html

from linux-knowledgebase.