A secure system is able to deny access to unauthorized users while maintaining access for authorized users. Both user and administrator are responsible for maintaining a secure system.
Linux provides two measures to protect a system from unauthorized access. First every user must login. The login and password are verified with /etc/passwd. Second, every file has access permissions associated with it. In this article, we would be discussing the second measure.
Viewing File and Directory Permissions
To view file and directory permission, type the following command:
$ ls -l
This should produce something like:
drwxr-xr-x ali staff accounts
-rwxr-xr-x ali staff test.txt
(1) (2) (3) (4)
This information could be divided into four different items separated by a space, as indicated by numbers:
- permissions
- owner
- group
- file/directory
Lets dissect the permissions a bit more.
d rwx r-x r-x - rwx r-x r-x (1) (2) (3) (4)
- file type: d indicates a directory, - a file
- user: owner access permissions
- group: group access permissions. Groups are created and maintained by the system administrator. Group definitions are stored in /etc/group
- other: permissions for all other users
There are possible four permissions for each user, group, and other, defined by r, w, x, and -.
| Permission | File | Directory |
|---|---|---|
| r | file can be displayed or copied | contents can be listed with the ls command |
| w | file contents can be modified | users with execute access can add or delete files |
| x | file can be executed, if it is executable | user can cd to the directory. users with read access can ls |