• On Linux, every file has three levels of permissions

  • User
  • Group
  • Others

  

• The file will contain a file type before permission levels and sticky bit at the end if it is set up. This is to prevent anyone but the owner from deleting the file

• Types of File Types

  • • : normal file that can contain data of any kind
  • d: directory contains other files or directories and helps to organize the file system (technically special)
  • l : file is a pointer to another file or directory elsewhere in the filesystem
  • b for block, c for character, s is for socket (these are mentioned but indicated to be outside of scope ) - These are the file types that should not be altered unless you know what you are doing as it will prevent the system from working

• Types of permissions

  • read : permission to open a file and read its contents. It has an octal level of 4
    • octal levels are required when adjusting the level of permissions for a file type and you want to do it numerically
  • write : permission to edit or delete a file. It has an octal level of 2
  • execute : permission to run as an executable or script. It has an octal level of 1

• If the permissions are on a directory, it contains slightly different meanings

  • Reading allows you to read the directory not the files within the directory
  • write allows you to create or delete files in a directory, or change their names, permissions, and owners
  • executable provides entering into the directory, but not the list of its files as r is required

• chmod is used to modify permissions and it can be done numerically or symbolic mode

  • symbolic options
  • you must identify what type of permission you are changing and what location (user, group, or others)
    • u - user
    • g - group
    • o - other
    • a - all
    • +/- based on whether the permission is being added or removed
    • rwx or a combination of them is put in based on what is added or removed
    • , can be used when modifying multiple permissions at the same time
    • -R - recursively means that all files inside a directory and its subdirectories

  

• groups command determine what groups exist on the system

• groupmems determines who is within a specific group

Special permissions alter the way a directory works or how a program works

• sticky bit aka restricted deletion flag has an octal value of 1
  • it is symbolically represented by a t
  • this only applies to directories
  • prevents users from removing or renaming a file in a directory unless they own that file or directory
  • t replaces x in the permissions
  • It means that in numeric notations a permission of 755 would be 1755 with a sticky bit
• SGID or set Group ID bit has an octal value of 2 and is symbolically represented by s on group permissions
  • can be applied on executable files or directories
  • if dont by a directory then it will make every file or directory created under it inherit the group from the parent directory
  • s also replaces the x in permissions
  • if the numeric notation is 755 it would be 2755 with a set group bit
• SUID or set User ID has an octal value of 4 and is represented by an s as well but on the user permissions
  • it only applies to files and its behavior
  • the process will run based on the privileges of the user who owns the file
  • s replaces the x in permissions
  • if the numeric notation is 755 it would be 4755 with a set user bit
• if SUID and SGID are combined then the numeric notation would be 6755

Lesson 5.4: Special Directories and Files