Security basics, Part 1

Security is always an issue in multiuser computing systems. Unix provides a rich set of security options, and this month we begin a three-part security series by exploring some basics.

As a true multiuser, multitasking operating system, Unix has a fairly sophisticated method for setting file and directory permissions.

The chmod command is simple once you've grasped the basics. To understand it, let's start with a small directory listing that can be generated by the ls -l command.

$ ls -l 
  drwxrwxr-x    1 mob      wp    2018 Aug 30 23:45 adir 
  -rw-rw-r--    1 mob      wp    8755 Aug 30 23:37 picture.gif 
  -rwxrwxr-x    1 mob      wp    8525 Sep  4 02:48 command.sh 
 
$ 

The permissions are indicated by a series of letters on the left-hand side of the listing. The first character indicates the type of the entry. For our purposes, the first character will be either a dash (-) to indicate that the entry is a file or a d to indicate that it's a directory.

After the initial character, a series of rwxs (or the absence of the same) on the left side of the listing indicates the access permissions for that file or entry.

The nine characters after the initial entry-type indicator are broken into three groups, each containing three characters. Each group of three from left to right indicates the permissions given to the owner, group, and others, respectively.

An r indicates that read permission is given to the user who owns the file, group the owner belongs to, or the rest of the world. An r allows a file to be read, and a directory to be listed with ls and related utilities. A w indicates write permission. If this is an entry for a directory, w means that new files can be created within it.

In the following example, the owner, mob, has read and write permissions on picture.gif.

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine