Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
slackbook:filesystem_permissions [2012/09/09 15:19 (UTC)]
mfillpot [SUID, SGID, and the Sticky Bit] added navigation section
slackbook:filesystem_permissions [2012/10/15 22:28 (UTC)] (current)
gerardo.zamudio [SUID, SGID, and the Sticky Bit]
Line 23: Line 23:
 case, the permissions are rwxr-xr-x, the user is root and the group is case, the permissions are rwxr-xr-x, the user is root and the group is
 also root. The permissions section, while grouped together, is really also root. The permissions section, while grouped together, is really
-three seperate ​pieces. The first set of three letters are the+three separate ​pieces. The first set of three letters are the
 permissions granted to the user that owns the file. The second set of permissions granted to the user that owns the file. The second set of
 three are those granted to the group owner, and the final three are three are those granted to the group owner, and the final three are
Line 36: Line 36:
 |Others |r-x |Everyone else may read and execute| |Others |r-x |Everyone else may read and execute|
  
-he permissions are pretty self explainatory ​of course, at least for+The permissions are pretty self explanatory ​of course, at least for
 files. Read, write, and execute allow you to read a file, write to it, files. Read, write, and execute allow you to read a file, write to it,
 or execute it. But what do these permissions mean for directories?​ or execute it. But what do these permissions mean for directories?​
Line 166: Line 166:
 By adding these values together, we can reach any number between 0 and By adding these values together, we can reach any number between 0 and
 7 and specify all possible permission combinations. For example, to 7 and specify all possible permission combinations. For example, to
-grant both read and write privilages ​while denying execute, we would+grant both read and write privileges ​while denying execute, we would
 use the number 6. The number 3 would grant write and execute use the number 6. The number 3 would grant write and execute
 permissions,​ but deny the ability to read the file. We must specify a permissions,​ but deny the ability to read the file. We must specify a
Line 184: Line 184:
  
 **//​chmod//​** can also use letter values along with **//​chmod//​** can also use letter values along with
-<​key>​+</​key>​ or <key>-</​key>​ to grant or deny permissions.+<key>'+'</​key>​ or <key>Minus</​key>​ to grant or deny permissions.
 While this may be easier to While this may be easier to
 remember, it's often easier to use the octal permissions. ​ remember, it's often easier to use the octal permissions. ​
Line 205: Line 205:
 group, and //"​o"//​ for all others. You must also specify whether you are group, and //"​o"//​ for all others. You must also specify whether you are
 adding or removing permissions with the //"​+"//​ and //"​-"//​ signs. Multiple adding or removing permissions with the //"​+"//​ and //"​-"//​ signs. Multiple
-sets can be changed at once by seperating ​each with a comma.+sets can be changed at once by separating ​each with a comma.
  
  
Line 261: Line 261:
  
 Notice the permissions on **//​passwd//​**. Instead of Notice the permissions on **//​passwd//​**. Instead of
-an <​key>​x</​key>​ in the user's execute slot, we have an +an <key>'x'</​key>​ in the user's execute slot, we have an 
-<​key>​s</​key>​. This tells us that+<key>'s'</​key>​. This tells us that
 **//​passwd//​** is a SUID program, and when we run **//​passwd//​** is a SUID program, and when we run
 it, the process will run as the user //"​root"//​ rather than as the user it, the process will run as the user //"​root"//​ rather than as the user
Line 268: Line 268:
 soon as you look at the two files it modifies. Neither soon as you look at the two files it modifies. Neither
 ''/​etc/​passwd''​ nor ''/​etc/​shadow''​ ''/​etc/​passwd''​ nor ''/​etc/​shadow''​
-are writeable ​by anyone other than root. Since users need to change+are writable ​by anyone other than root. Since users need to change
 their personal information,​ **//​passwd//​** must be their personal information,​ **//​passwd//​** must be
 run as root in order to modify those files. run as root in order to modify those files.
Line 288: Line 288:
  
  
-Naturally, being a directory for the storage of temporary files sytem +Naturally, being a directory for the storage of temporary files system 
-wide, ''/​tmp''​ needs to be readable, ​writeable, and+wide, ''/​tmp''​ needs to be readable, ​writable, and
 executable by anyone and everyone. Since any user is likely to have a executable by anyone and everyone. Since any user is likely to have a
 file or two stored here at any time, it only makes good sense to file or two stored here at any time, it only makes good sense to
 prevent other users from deleting those files, so the sticky bit has prevent other users from deleting those files, so the sticky bit has
-been set. You can see it by the presence of the <​key>​t</​key>​ in +been set. You can see it by the presence of the <key>'t'</​key>​ in 
-place of the <​key>​x</​key>​ in the world permissions section.+place of the <key>'x'</​key>​ in the world permissions section.
  
  
 **Table 10.5. SUID, SGID, and "​Sticky"​ Permissions** **Table 10.5. SUID, SGID, and "​Sticky"​ Permissions**
-^Permission ​^Type ^Octal Value ^Letter Value|+^Permission Type ^Octal Value ^Letter Value|
 |SUID |4 |s| |SUID |4 |s|
 |SGID |2 |s| |SGID |2 |s|
Line 334: Line 334:
 ====== Sources ====== ====== Sources ======
 <!-- If you copy information from another source, then specify that source --> <!-- If you copy information from another source, then specify that source -->
- * Original source: [[http://​www.slackbook.org/​beta/]] +  ​* Original source: [[http://​www.slackbook.org/​beta]] ​\\
 <!-- Authors are allowed to give credit to themselves! --> <!-- Authors are allowed to give credit to themselves! -->
-<​!-- ​* Originally written by [[wiki:​user:​xxx | User X]] --> +  ​* Originally written by Alan Hicks, Chris Lumens, David Cantrell, Logan Johnson 
-<!-- * Contrbutions ​by [[wiki:​user:​yyy | User Y]] -->+<!-- * Contributions ​by [[wiki:​user:​yyy | User Y]] -->
  
 <!-- Please do not modify anything below, except adding new tags.--> <!-- Please do not modify anything below, except adding new tags.-->
 <!-- You must also remove the tag-word "​template"​ below. Otherwise your page will not show up in the Table of Contents --> <!-- You must also remove the tag-word "​template"​ below. Otherwise your page will not show up in the Table of Contents -->
 {{tag>​slackbook filesystem permissions suid sgid sticky_bit chmod chown chgrp}} {{tag>​slackbook filesystem permissions suid sgid sticky_bit chmod chown chgrp}}

In Other Languages
QR Code
QR Code slackbook:filesystem_permissions (generated for current page)