Cracking IT Interview

​​​


File permission for user

File permission is one of the important key features in Unix file security. It enables a user to access files according to permission assigned as per his types of access and authority over a file. This feature is used to restrict for accessing and making changes to a file.






There are 3 types of users in Unix file system: "ugo" 
where:
"u" - Owner / User, who creates file
"g" - Group, file owner belongs to this group
"o" - Others, outside users who use this file

"a" - stands for all types of users (ugo)

There are 3 types of permission "rwx" provided with the file. 

There are 2 ways for assigning permission to a file as below: 

Relative permission : "rwx"
where:
r - read permission
w - write permission
x - execute permission


Absolute permission: "421"

where:
4 - read permission
2 - write permission
1 - execute permission


Whenever we give ls command in long list with "-l" option, we get the output like:


$ls -l

drwxr-xr-x  3 pinku  guest   512 Dec 24 08:10 A_dir
-rw-r--r--  1 pinku  guest  6345 Dec 29 00:53 Cocoon
drwxrwxrwx  3 pinku  guest   512 Dec 24 08:53 G_dir
-rw-r--r--  1 pinku  guest  1017 Dec 29 01:04 ShortStory.txt.gz
-rw-r--r--  1 pinku  guest  5120 Jan  7 05:30 arch1.tar

For "A_dir" directory, first column - File-type and Permission field appears like "drwxr-xr-x" which is relative permission mode and it consists of 10 characters.


  • 1st character gives the file type information such as it is general file, or directory or other files like link, socket etc. So here, first character "d" represents that it is directory.


  • Rest 9 characters represents file permission: rwxr-xr-x, we can consider it as 3 pair of "rwx" field, if somewhere permission is missed then it's represented by "-" (hyphen) means no permission. 


  • 1st pair of "rwx" means file owner is having all the read, write and execute permission. 2nd and 3rd pair of "r-x" means group is having read and execute permission but no write permission.


Simillarly for Cocoon, "-rw-r--r--" means: it's a general file with read and write permission (rw-) to Owner of file, and only read permission to group and others.


Converting to Absolute File permission mode from Relative mode:


  • r-- (read permission only) - 4
  • -w- (write permission only) - 2
  • --x (execute permission only) - 1
  • rw- (read and write permission) - 4+2 = 6
  • r-x (read and execute permission) - 4+1 = 5
  • -wx (write and execute permission) - 2+1 = 3
  • rwx (read, write and execute) - 4+2+1 == 7



By default file permission


Whenever we create some files, there are by default permission assigned to it automatically.


  • Normal file:    644 (-rw-r--r--)
  • Directory file: 755 (drwxr-xr-x)
  • Link file :       755 (lrwxr-xr-x)








chmod (change mod)


chmod command is used to assign file permission to the types of user. 


Syntax:

chmod [options] permision filename


Example:


(Absolute permission)

$ls -l Cocoon
-rw-r--r--  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod 777 Cocoon
$ls -l Cocoon
-rwxrwxrwx  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod 421 Cocoon
$ls -l Cocoon
-r---w---x  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod 644 Cocoon
$ls -l Cocoon
-rw-r--r--  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod 755 Cocoon
$ls -l Cocoon
-rwxr-xr-x  1 pinku  guest  6345 Dec 29 00:53 Cocoon

$chmod 6 Cocoon
$ls -l Cocoon
-------rw-  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod 45 Cocoon
$ls -l Cocoon
----r--r-x  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$

(Relative permission)

$ls -l Cocoon
----r--r-x  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod u+r Cocoon
$ls -l Cocoon
-r--r--r-x  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod ugo+w Cocoon
$ls -l Cocoon
-rw-rw-rwx  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod ugo-rwx Cocoon
$ls -l Cocoon
----------  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod a+rwx Cocoon

$ls -l Cocoon
-rwxrwxrwx  1 pinku  guest  6345 Dec 29 00:53 Cocoon

$chmod a-rwx Cocoon
$ls -l Cocoon
----------  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod +rwx Cocoon
$ls -l Cocoon
-rwxr-xr-x  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod -rwx Cocoon
$ls -l Cocoon
----------  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$chmod u+rw,g+rx,o+r Cocoon
$ls -l Cocoon
-rw-r-xr--  1 pinku  guest  6345 Dec 29 00:53 Cocoon
$

Options with chmod command:


  • -R option, used for recursive operation in terms of directory.


  • -v option, verbose mode which prints additional information on screen.








Examples:


$ls -lR A_dir
total 12
drwxr-xr-x  3 pinku  guest  512 Dec 24 02:48 A1
-rw-r--r--  1 pinku  guest    3 Dec 24 02:52 file1.txt
-rw-r--r--  1 pinku  guest    3 Dec 24 02:53 file2.txt
-rw-r--r--  1 pinku  guest    0 May 15  2015 myfile2.txt

A_dir/A1:
total 4
drwxr-xr-x  2 pinku  guest  512 Dec 24 02:48 A2

A_dir/A1/A2:
total 0
$chmod -R a-rwx A_dir
$ls -lR A_dir
total 0
ls: A_dir: Permission denied
$chmod -R a+rwx A_dir
chmod: A_dir: Permission denied
$chmod 755 A_dir
$ls -lR A_dir
total 12
d---------  3 pinku  guest  512 Dec 24 02:48 A1
----------  1 pinku  guest    3 Dec 24 02:52 file1.txt
----------  1 pinku  guest    3 Dec 24 02:53 file2.txt
----------  1 pinku  guest    0 May 15  2015 myfile2.txt

A_dir/A1:
total 0
ls: A_dir/A1: Permission denied
$

$cd A_dir
$pwd
/home/pinku/my_dir/A_dir
$chmod -R 755 .

("." includes hidden file permissions as well, if you want to exclude the hidden files during permission then use "*" in place of ".")
chmod: ./A1/A2: Permission denied
$ls -lR A_dir
ls: A_dir: No such file or directory
$ls -laR
total 20
drwxr-xr-x  3 pinku  guest   512 Dec 24 08:10 .
drwxr-xr-x  6 pinku  guest  1024 Jan  7 12:08 ..
drwxr-xr-x  3 pinku  guest   512 Dec 24 02:48 A1
-rwxr-xr-x  1 pinku  guest     3 Dec 24 02:52 file1.txt
-rwxr-xr-x  1 pinku  guest     3 Dec 24 02:53 file2.txt
-rwxr-xr-x  1 pinku  guest     0 May 15  2015 myfile2.txt

./A1:
total 12
drwxr-xr-x  3 pinku  guest  512 Dec 24 02:48 .
drwxr-xr-x  3 pinku  guest  512 Dec 24 08:10 ..
drwxr-xr-x  2 pinku  guest  512 Dec 24 02:48 A2

./A1/A2:
total 8
drwxr-xr-x  2 pinku  guest  512 Dec 24 02:48 .
drwxr-xr-x  3 pinku  guest  512 Dec 24 02:48 ..
$

$ls -l
total 12
drwxr-xr-x  3 pinku  guest  512 Dec 24 02:48 A1
-rwxr-xr-x  1 pinku  guest    3 Dec 24 02:52 file1.txt
-rwxr-xr-x  1 pinku  guest    3 Dec 24 02:53 file2.txt
-rwxr-xr-x  1 pinku  guest    0 May 15  2015 myfile2.txt
$chmod -Rv 744 *
A1/A2
A1
file1.txt
file2.txt
myfile2.txt
$ls -lR
total 12
drwxr--r--  3 pinku  guest  512 Dec 24 02:48 A1
-rwxr--r--  1 pinku  guest    3 Dec 24 02:52 file1.txt
-rwxr--r--  1 pinku  guest    3 Dec 24 02:53 file2.txt
-rwxr--r--  1 pinku  guest    0 May 15  2015 myfile2.txt

./A1:
total 4
drwxr--r--  2 pinku  guest  512 Dec 24 02:48 A2

./A1/A2:
total 0
$


NEXT->​