File permissions

 

File permissions

Since Linux is a multi-user operating system, it is necessary to provide security to prevent people from accessing each other’s confidential files. So Linux divides authorization into 2 levels,

1. Ownership: Each file or directory has assigned with 3 types of owners i. User: Owner of the file who created it. ii. Group: Group of users with the same access permissions to the file or directory. iii. Other: Applies to all other users on the system

2. Permissions: Each file or directory has following permissions for the above 3 types of owners.

   i. Read: Give you the authority to open and read a file and lists its content for a directory.

   ii. Write: Give you the authority to modify the contents of a file and add, remove and rename files stored in the directory.

   iii. Execute: Give you the authority to run the program in Unix/Linux.

   The permissions are indicated with below characters,

     r = read permission
   
     w = write permission
   
     x = execute permission
   
     \- = no permission
   

   The above authorization levels represented in a diagram

There is a need to restrict own file/directory access to others.

Change access: The chmod command is used to change the access mode of a file. This command is used to set permissions (read, write, execute) on a file/directory for the owner, group and the others group.

chmod [reference][operator][mode] file...

Example
chmod ugo-rwx test.txt

There are 2 ways to use this command,

1. Absolute mode: The file permissions will be represented in a three-digit octal number.

   The possible permissions types represented in a number format as below.

   Permission Type	Number	Symbol
   No Permission	0	---
   Execute	1	--x
   Write	2	-w-
   Execute + Write	3	-wx
   Read	4	r--
   Read + Execute	5	r-x
   Read + Write	6	rw-
   Read + Write + Execute	7	rwx

Let's update the permissions in absolute mode with an example as below,

 chmode 764 test.txt

2. Symbolic mode: In the symbolic mode, you can modify permissions of a specific owner unlike absolute mode.

   The owners are represented as below,

   Owner	Description
   u	user/owner
   g	group
   o	other
   a	all

   and the list of mathematical symbols to modify the file permissions as follows,

   Operator	Description
   +	Adds permission
   -	Removes the permission
   =	Assign the permission

Changing Ownership and Group: It is possible to change the the ownership and group of a file/directory using chown command.

chown user filename
chown user:group filename

Example:
chown John test.txt
chown John:Admin test.txt

Change group-owner only: Sometimes you may need to change group owner only. In this case, chgrp command need to be used

chgrp group_name filename

Example:
sudo chgrp Administrator test.txt