Setting Perms in Linux
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Setting Perms in Linux

  1. #1
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884

    Setting Perms in Linux

    OK, enough people have asked me about Linux file permissions so I figured I'd write a short tutorial on how they work. It is *very* simple. Here we go...


    Type this command at the console anyplace in the directory tree

    #[Crack-Monsta@Localhost Acid]ls -ld

    This will return something like this:

    drwxr-xr-x 19 root root 4096 Nov 20 09:05

    The first letter indicates a directory and tells you that the owner has Read Write and eXecute rights. Now, lets take this apart to see how this works:

    If we break this up, from left to right you get this:

    d rwx r-x r-x
    directory Owner perms Group perms Everyone else perms

    The "-" indicates that the right is turned off. So, we can say that the owner has full rights while the group and everyone else has read and execute only because the "-" tells us that the write permission is turned off.

    CHANGING PERMISSIONS WITH CHMOD
    ================================

    For some reason people are afraid of this command. You'll see someone do a chmod 777 on a file and you wonder to yourself, "What the hell is that all about?". It's easy. Each permission is assigned a value as follows
    r (read) = 4
    w (write) = 2
    x (execute) = 1

    So in chmod 777 you are giving full rights to the owner, the group and everyone else. Still confused? Look at this table below

    chmod 777 files -- rwxrwxrwx
    chmod 755 files -- rwxr-xr-x
    chmod 644 files -- rw-r--r--
    chmod 000 files -- ---------

    So it is all just a matter of simple math to assign or revoke perms. That's it. Now, isn't that simple?
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Posts
    193
    chmod 777 is my fav

  3. #3
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    Now, isn't that simple?
    In a way yes, and in a way no. Now that you know how to change the permissions to a file you have to decide what they should be. That can be confusing at times. I have a web server and I just recently figured out something with permissions. If you have a directory with no default page to load such as index.html, and the permissions aren't set correctly to that directory, any user can browse it as the please. What I did was do a chmod 711 on the directories that I don't want users browsing. This should give it rwx--x--x which will allow users to execute what is in the directories like maybe if there is a link to download something, but they can't just browse the directory at their leisure. So now that you know how to set permissions, the next step is to decide what you want to be able to do with the file.

    p.s. Good tut TH13. This is must know and something that a lot of newbies don't know much about.

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Well you can set the default permissions that your box hands out with the umask command. By default, I believe that Linux hands out 755 for directories and 644 for files. Of course, as with anything else in Linux, this is configurable.

    Just type umask at the console, if it reads 0022 then this is the permission structure mentioned above.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    TheHorse, might want to add chown, lsattr and chattr as they'd help with the perms.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #6
    Senior Member
    Join Date
    Feb 2003
    Posts
    193
    also check this web site for a head start if you are moving to unix. http://www.ctssn.com/

  7. #7
    Member
    Join Date
    Dec 2001
    Posts
    31
    it is also easier (in my opinion) to use chmod without the numbers but with u(ser), g(roup), o(ther), a(ll), +, -, r(ead), w(rite), and (e)x(ecute). For example, to add execution permissions to everyone, you would give the command: chmod o+x file and to take away write permissions from the group the command would be: chmod g-w file. You can also use "=" like chmod u=rwe file, to give the owner full permissions.

  8. #8
    Senior Member n01100110's Avatar
    Join Date
    Jan 2002
    Posts
    352
    Yes chattr can be a very useful command if used correctly...nice tutorial though th13
    Good Day
    "Serenity is not the absence of conflict, but the ability to cope with it."

  9. #9
    Senior Member
    Join Date
    Mar 2003
    Posts
    135
    Originally posted here by h3r3tic
    What I did was do a chmod 711 on the directories that I don't want users browsing. This should give it rwx--x--x which will allow users to execute what is in the directories like maybe if there is a link to download something, but they can't just browse the directory at their leisure.
    I figured you would have had to add read rights as well, but I just viewed a movie in a directory I couldn't browse (as another user) by using a sym link to it. The link had privs, the movie did too, but I couldn't browse the directory.
    Huh. Learn something new every day.

  10. #10
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Yeah, I know there are many, many ways to set permissions, but chmod seems to be the one that I get the most questions about. I figured a quick little lesson would be helpful.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •