UNIX File and Directory Security: Each file and directory has permissions associated with it that directly affect whether you can read, modify, or run the file in question. An additional dimension is that you have varying access depending on what type of user you are: owner (u) group member (g) or other user [not in the group] (o) The permissions for any user category are: read (r) write (w) and execute file (x) or access directory (x) and lack of permission (-) Commands to learn: chmod(1) - change file mode umask(1) - get or set the file mode creation mask Use ls -l to show permission string as 2nd through 10th characters starting at the left. Checking the access: use both the file permission and directory permission strings to determine accessibility. The default access on a given UNIX system is: rw-rw-rw- Most cooperative rw-rw-r-- somewhat cooperative rw-r--r-- somewhat uncooperative rw-r----- rather uncooperative rw------- Most Private Changing Access permissions (if you have permission to) using chmod: { type of user } operator { type of permission } or Octal u + rwx rwxrw-rw- 766 g - rwx rw----rw- 606 o = rwx ------rwx 007 stST The correspondence between the algebraic and the octal (arithmetic) is as follows: r=400, w=200, x=100 - = 700 for the owner (u) type of user r=040, w=020, x=010 - = 070 for the group (g) type of user r=004, w=002, x=001 - = 007 for the other (o) type of user. so an octal 766 is composed of (4+2+1)(4+2+0)(4+2+0), where ( ) is an octal digit r w x r w - r w - Another way: rwxr-xrw- has either a letter or a dash in each place 111101110 is the binary equivalent so 111=7 101=5 110=6 so rwxr-xrw- is equivalent to 756 octal in fact: 000=0 001=1 010=2 011=3 100=4 101=5 110=6 111=7 Examples: $ ls -l filename -r--r--r-- 1 rkatz rkatz 51 Apr 17 19:37 filename $ chmod u+rwx filename $ ls -l filename -rwxr--r-- 1 rkatz rkatz 51 Apr 17 19:37 filename $ chmod 755 filename $ ls -l filename -rwxr-xr-x 1 rkatz rkatz 51 Apr 17 19:37 filename $ chmod ugo+w filename $ ls -l filename -rwxrwxrwx 1 rkatz rkatz 51 Apr 17 19:37 filename $ chmod 342 filename $ ls -l filename --wxr---w- 1 rkatz rkatz 51 Apr 17 19:37 filename $ chmod ugo-rwx filename $ ls -l filename ---------- 1 rkatz rkatz 51 Apr 17 19:37 filename $ chmod 644 filename $ ls -l filename -rw-r--r-- 1 rkatz rkatz 51 Apr 17 19:37 filename $ umask 027 $ echo hi > newfile $ ls -l newfile -rw-r----- 1 rkatz rkatz 3 Apr 17 19:39 newfile $ umask 022 $ echo "hi there" > newerfile $ ls -l newerfile -rw-r--r-- 1 rkatz rkatz 9 Apr 17 19:39 newerfileQuestions? Robert Katz: rkatz@ned.highline.edu