What are the file permissions? (II)

Thursday, 09 August 2012 02:28

Yesterday we spent a few minutes discussing one aspect that often leads to confusion, and the occasional headache, among users who are getting started in the administration of systems based on Unix, Linux or Mac OS X: file and folder permissions. Now that we know what permissions are, what types of permissions exist and what they mean, let's continue with this topic from a more practical angle by focusing on the notations usually used to express the permissions of folders and files: symbolic notation and octal notation.


Symbolic notation

To summarize what we discussed yesterday, a user might have permission to read, write or execute a given file (in the case of a folder only the first two apply and, in the case of reading, it implies that we can navigate within the folder). In addition, permissions were defined from the user's perspective and distinguished between permissions for the file owner, for the owning group and for the other users of the system (UGO: User, Group, Others). In other words, a file has 3 sets of permissions, i.e. one set of permissions (read, write and execute) each for the owner, the group and the other system users.

Logically, this information must be visible to the administrator and, above all, easily understandable. With this in mind, it is quite common to use a symbolic notation that represents, through a combination of 10 characters, the permissions that a file or a directory has.

Within these 10 characters, the first represents the type of "object" we are dealing with, i.e. a file, directory, link, etc. The most common characters are:

  • Regular files are represented by a dash (-)
  • Directories are represented by the letter d
  • Block special files are represented by the letter b
  • Character special files are represented by the letter c
  • Symbolic links are represented by the letter l

After this first character come a further nine characters, in three triplets, representing the permissions for each of the three user perspectives that exist, i.e. 3 characters to represent the permissions of the file owner, 3 characters to represent the group permissions and another 3 to represent the permissions of the other users of the system. Each triplet follows the order read-write-execute and is represented by the characters 'r', 'w' and 'x', each character appearing when the permission is held and a dash ('-') appearing when it is not.


That is, if when listing the contents of a folder from the console we get something like drw-r-----, it means that we are looking at a directory on which the owner has read and write permissions, the user group only read permission (it can access it but not write) and other users cannot do anything. With -rwxr-x--x we are looking at a regular file on which the owner has permissions to read, write and execute, and both the assigned user group and the other users of the system also have execute permission.

Octal notation

Once the rules governing symbolic notation are understood, it is time to move on to the part that may seem, at first sight, somewhat more complicated: octal notation.

What is octal notation? It is a representation of file permissions that uses digits instead of strings of characters. Specifically, each of the last 8 characters of symbolic notation (which define the permissions) is replaced by a bit set to 1 if the permission has been granted and 0 otherwise, i.e. 111100100 would be equivalent to rwxr--r--, and the resulting combination of ones and zeros is converted to octal digits (taking 3 bits at a time):

rwxr--r-- = 111100100 = 744

This numerical notation is in quite common use; for example, we see it in the file managers offered by many hosting providers or, if we work from a console, when we change the permissions of a file in Linux using the chmod command.

If you have not quite mastered converting to octal, you can memorize the following rule:

  • The read bit adds 4 to the total
  • The write bit adds 2 to the total
  • The execute bit adds 1 to the total

Knowing how this notation works, from now on it should be easier to understand what permissions as common as 775, 644, 777 or 600 mean:

  • 775 = 111111101 = rwxrwxr-x, i.e. owner and group have all permissions and all other users only read and execute.
  • 644 = 110100100 = rw-r--r--, i.e. the owner has permission to read and write and the rest, both those in the same group and the others, only read.
  • 777 = 111111111 = rwxrwxrwx would be a scheme of full permissions for everyone.
  • 600 = 110000000 = rw------- would be a scheme in which only the file owner has read and write permissions.
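
The conversion rules above, as an added example in Python (not code from the original article): it parses the 10-character symbolic form, applies the 4/2/1 rule to each triplet, converts back from octal, and cross-checks the result against the standard library's stat.filemode(). The function names are chosen for this example, and any character other than r, w, x or a dash in the permission positions is rejected.

```python
import stat

# File-type characters listed in the article (first of the 10 characters).
FILE_TYPES = {
    "-": ("regular file", stat.S_IFREG),
    "d": ("directory", stat.S_IFDIR),
    "b": ("block special file", stat.S_IFBLK),
    "c": ("character special file", stat.S_IFCHR),
    "l": ("symbolic link", stat.S_IFLNK),
}
WEIGHTS = (("r", 4), ("w", 2), ("x", 1))  # read adds 4, write 2, execute 1


def symbolic_to_octal(symbolic):
    """Parse e.g. '-rwxr--r--' into (file type name, octal string)."""
    if len(symbolic) != 10:
        raise ValueError("expected 10 characters, got %d" % len(symbolic))
    if symbolic[0] not in FILE_TYPES:
        raise ValueError("unknown file type character %r" % symbolic[0])
    digits = []
    for start in (1, 4, 7):  # owner, group, others
        total = 0
        for (letter, weight), char in zip(WEIGHTS, symbolic[start:start + 3]):
            if char == letter:
                total += weight
            elif char != "-":
                # Also rejects s/t/S/T (special bits), which the article does not cover.
                raise ValueError("unexpected %r in %r" % (char, symbolic))
        digits.append(str(total))
    return FILE_TYPES[symbolic[0]][0], "".join(digits)


def octal_to_symbolic(octal, type_char="-"):
    """Build the 10-character form from three octal digits, e.g. '644'."""
    if len(octal) != 3 or any(d not in "01234567" for d in octal):
        raise ValueError("expected three octal digits, got %r" % octal)
    triplets = "".join(
        "".join(letter if int(d) & weight else "-" for letter, weight in WEIGHTS)
        for d in octal
    )
    return type_char + triplets


def matches_stdlib(symbolic):
    """Cross-check our parser against Python's own stat.filemode()."""
    _, octal = symbolic_to_octal(symbolic)
    return stat.filemode(FILE_TYPES[symbolic[0]][1] | int(octal, 8)) == symbolic
```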

Now what do we do?

To close the circle, in the next installment we will devote a few tips to improving the security of our web server by applying the appropriate permissions to files, and also discuss some additional details.

Images: The Void Ghost and



