Differences
This shows you the differences between two versions of the page.
slackbook:filesystem_permissions [2012/09/12 21:31 (UTC)] – updated code block to syntax highlighting mfillpot | slackbook:filesystem_permissions [2012/10/15 22:28 (UTC)] (current) – [SUID, SGID, and the Sticky Bit] gerardo.zamudio | ||
---|---|---|---|
Line 12: | Line 12: | ||
- | < | + | < |
darkstar:~$ ls -l /bin/ls | darkstar:~$ ls -l /bin/ls | ||
-rwxr-xr-x 1 root root 81820 2007-06-08 21:12 /bin/ls | -rwxr-xr-x 1 root root 81820 2007-06-08 21:12 /bin/ls | ||
Line 23: | Line 23: | ||
case, the permissions are rwxr-xr-x, the user is root and the group is | case, the permissions are rwxr-xr-x, the user is root and the group is | ||
also root. The permissions section, while grouped together, is really | also root. The permissions section, while grouped together, is really | ||
- | three seperate | + | three separate |
permissions granted to the user that owns the file. The second set of | permissions granted to the user that owns the file. The second set of | ||
three are those granted to the group owner, and the final three are | three are those granted to the group owner, and the final three are | ||
Line 36: | Line 36: | ||
|Others |r-x |Everyone else may read and execute| | |Others |r-x |Everyone else may read and execute| | ||
- | he permissions are pretty self explainatory | + | The permissions are pretty self explanatory |
files. Read, write, and execute allow you to read a file, write to it, | files. Read, write, and execute allow you to read a file, write to it, | ||
or execute it. But what do these permissions mean for directories? | or execute it. But what do these permissions mean for directories? | ||
Line 51: | Line 51: | ||
- | < | + | < |
darkstar:~$ ls -ld /home/alan | darkstar:~$ ls -ld /home/alan | ||
drwxr-x--- 60 alan users 3040 2008-06-06 17:14 /home/alan/ | drwxr-x--- 60 alan users 3040 2008-06-06 17:14 /home/alan/ | ||
Line 76: | Line 76: | ||
- | < | + | < |
darkstar:~# ls -l /tmp/foo | darkstar:~# ls -l /tmp/foo | ||
total 0 | total 0 | ||
Line 93: | Line 93: | ||
- | < | + | < |
darkstar:~# chown root:root /tmp/foo/b | darkstar:~# chown root:root /tmp/foo/b | ||
darkstar: | darkstar: | ||
Line 108: | Line 108: | ||
- | < | + | < |
darkstar:~# chown -R root:root / | darkstar:~# chown -R root:root / | ||
Line 116: | Line 116: | ||
- | < | + | < |
darkstar:~# chown :wheel /tmp/foo/a | darkstar:~# chown :wheel /tmp/foo/a | ||
darkstar:~# ls -l /tmp/foo | darkstar:~# ls -l /tmp/foo | ||
Line 166: | Line 166: | ||
By adding these values together, we can reach any number between 0 and | By adding these values together, we can reach any number between 0 and | ||
7 and specify all possible permission combinations. For example, to | 7 and specify all possible permission combinations. For example, to | ||
- | grant both read and write privilages | + | grant both read and write privileges |
use the number 6. The number 3 would grant write and execute | use the number 6. The number 3 would grant write and execute | ||
permissions, | permissions, | ||
Line 174: | Line 174: | ||
- | < | + | < |
darkstar:~# ls -l /tmp/foo/a | darkstar:~# ls -l /tmp/foo/a | ||
-rw-r--r-- 1 root root 0 2008-06-06 22:29 a | -rw-r--r-- 1 root root 0 2008-06-06 22:29 a | ||
Line 205: | Line 205: | ||
group, and //" | group, and //" | ||
adding or removing permissions with the //" | adding or removing permissions with the //" | ||
- | sets can be changed at once by seperating | + | sets can be changed at once by separating |
- | < | + | < |
darkstar:/ | darkstar:/ | ||
total 0 | total 0 | ||
Line 224: | Line 224: | ||
-rwxr-x--- 1 alan users 0 2008-06-06 23:37 c* | -rwxr-x--- 1 alan users 0 2008-06-06 23:37 c* | ||
-r-xr----- 1 alan users 0 2008-06-06 23:37 d* | -r-xr----- 1 alan users 0 2008-06-06 23:37 d* | ||
- | </ | + | </ |
Line 250: | Line 250: | ||
- | < | + | < |
darkstar:~# ls -l / | darkstar:~# ls -l / | ||
/etc/passwd \ | /etc/passwd \ | ||
Line 268: | Line 268: | ||
soon as you look at the two files it modifies. Neither | soon as you look at the two files it modifies. Neither | ||
''/ | ''/ | ||
- | are writeable | + | are writable |
their personal information, | their personal information, | ||
run as root in order to modify those files. | run as root in order to modify those files. | ||
Line 282: | Line 282: | ||
- | < | + | < |
darkstar:~# ls -ld /tmp | darkstar:~# ls -ld /tmp | ||
drwxrwxrwt 1 root root 34844 2008-03-24 16:11 /tmp | drwxrwxrwt 1 root root 34844 2008-03-24 16:11 /tmp | ||
Line 288: | Line 288: | ||
- | Naturally, being a directory for the storage of temporary files sytem | + | Naturally, being a directory for the storage of temporary files system |
- | wide, ''/ | + | wide, ''/ |
executable by anyone and everyone. Since any user is likely to have a | executable by anyone and everyone. Since any user is likely to have a | ||
file or two stored here at any time, it only makes good sense to | file or two stored here at any time, it only makes good sense to | ||
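Review bot: "system wide" across the two changed lines reads better as "system-wide"; the spelling fix to "system" is right, and the hyphen can be added in the same edit.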
Line 298: | Line 298: | ||
**Table 10.5. SUID, SGID, and " | **Table 10.5. SUID, SGID, and " | ||
- | ^Permission | + | ^Permission Type ^Octal Value ^Letter Value| |
|SUID |4 |s| | |SUID |4 |s| | ||
|SGID |2 |s| | |SGID |2 |s| | ||
Line 311: | Line 311: | ||
- | < | + | < |
darkstar:~# chmod 1777 /tmp | darkstar:~# chmod 1777 /tmp | ||
darkstar:~# chmod 4711 / | darkstar:~# chmod 4711 / | ||
Line 322: | Line 322: | ||
- | < | + | < |
darkstar:~# chmod ug+rwx, | darkstar:~# chmod ug+rwx, | ||
darkstar:~# chmod u+rws,go+x / | darkstar:~# chmod u+rws,go+x / | ||
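Review bot: `chmod u+rws,go+x` never sets the owner's execute bit: `u+rws` adds read, write and setuid only, and `+` leaves any group or other bits that are already set. If this line is meant as the symbolic form of the octal `chmod 4711` example, it produces the same mode only when the file already has owner execute and no extra group or other bits; `u=rwxs,go=x` states the full mode. A setuid bit without owner execute shows up as `S` rather than `s` in `ls -l`, which is worth mentioning next to the example.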
Line 337: | Line 337: | ||
<!-- Authors are allowed to give credit to themselves! --> | <!-- Authors are allowed to give credit to themselves! --> | ||
* Originally written by Alan Hicks, Chris Lumens, David Cantrell, Logan Johnson | * Originally written by Alan Hicks, Chris Lumens, David Cantrell, Logan Johnson | ||
- | <!-- * Contrbutions | + | <!-- * Contributions |
<!-- Please do not modify anything below, except adding new tags.--> | <!-- Please do not modify anything below, except adding new tags.--> | ||
<!-- You must also remove the tag-word " | <!-- You must also remove the tag-word " | ||
{{tag> | {{tag> |