|
-
December 4th, 2003, 11:11 PM
#1
Setting Perms in Linux
OK, enough people have asked me about Linux file permissions so I figured I'd write a short tutorial on how they work. It is *very* simple. Here we go...
Type this command at the console anyplace in the directory tree
#[Crack-Monsta@Localhost Acid]ls -ld
This will return something like this:
drwxr-xr-x 19 root root 4096 Nov 20 09:05
The first letter indicates a directory and tells you that the owner has Read Write and eXecute rights. Now, lets take this apart to see how this works:
If we break this up, from left to right you get this:
d rwx r-x r-x
directory Owner perms Group perms Everyone else perms
The "-" indicates that the right is turned off. So, we can say that the owner has full rights while the group and everyone else has read and execute only because the "-" tells us that the write permission is turned off.
CHANGING PERMISSIONS WITH CHMOD
================================
For some reason people are afraid of this command. You'll see someone do a chmod 777 on a file and you wonder to yourself, "What the hell is that all about?". It's easy. Each permission is assigned a value as follows
r (read) = 4
w (write) = 2
x (execute) = 1
So in chmod 777 you are giving full rights to the owner, the group and everyone else. Still confused? Look at this table below
chmod 777 files -- rwxrwxrwx
chmod 755 files -- rwxr-xr-x
chmod 644 files -- rw-r--r--
chmod 000 files -- ---------
So it is all just a matter of simple math to assign or revoke perms. That's it. Now, isn't that simple? 
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
December 4th, 2003, 11:14 PM
#2
chmod 777 is my fav
-
December 4th, 2003, 11:20 PM
#3
In a way yes, and in a way no. Now that you know how to change the permissions to a file you have to decide what they should be. That can be confusing at times. I have a web server and I just recently figured out something with permissions. If you have a directory with no default page to load such as index.html, and the permissions aren't set correctly to that directory, any user can browse it as the please. What I did was do a chmod 711 on the directories that I don't want users browsing. This should give it rwx--x--x which will allow users to execute what is in the directories like maybe if there is a link to download something, but they can't just browse the directory at their leisure. So now that you know how to set permissions, the next step is to decide what you want to be able to do with the file.
p.s. Good tut TH13. This is must know and something that a lot of newbies don't know much about.
-
December 4th, 2003, 11:25 PM
#4
Well you can set the default permissions that your box hands out with the umask command. By default, I believe that Linux hands out 755 for directories and 644 for files. Of course, as with anything else in Linux, this is configurable.
Just type umask at the console, if it reads 0022 then this is the permission structure mentioned above.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
December 4th, 2003, 11:27 PM
#5
TheHorse, might want to add chown, lsattr and chattr as they'd help with the perms.
-
December 5th, 2003, 12:19 AM
#6
also check this web site for a head start if you are moving to unix. http://www.ctssn.com/
-
December 5th, 2003, 12:54 AM
#7
Member
it is also easier (in my opinion) to use chmod without the numbers but with u(ser), g(roup), o(ther), a(ll), +, -, r(ead), w(rite), and (e)x(ecute). For example, to add execution permissions to everyone, you would give the command: chmod o+x file and to take away write permissions from the group the command would be: chmod g-w file. You can also use "=" like chmod u=rwe file, to give the owner full permissions.
-
December 5th, 2003, 03:21 AM
#8
Yes chattr can be a very useful command if used correctly...nice tutorial though th13
Good Day
"Serenity is not the absence of conflict, but the ability to cope with it."
-
December 5th, 2003, 03:47 AM
#9
Originally posted here by h3r3tic
What I did was do a chmod 711 on the directories that I don't want users browsing. This should give it rwx--x--x which will allow users to execute what is in the directories like maybe if there is a link to download something, but they can't just browse the directory at their leisure.
I figured you would have had to add read rights as well, but I just viewed a movie in a directory I couldn't browse (as another user) by using a sym link to it. The link had privs, the movie did too, but I couldn't browse the directory.
Huh. Learn something new every day. 
-
December 5th, 2003, 04:43 PM
#10
Yeah, I know there are many, many ways to set permissions, but chmod seems to be the one that I get the most questions about. I figured a quick little lesson would be helpful.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
