controlling access to files
- ‘-’ : normal file
- ‘d’ : directory
- ‘l’ : link
permissions evaluated by: user > group > other
execute on directory means the content of that directory can be accessed
chmod chown
- only the root user can transfer ownership
- ‘:’ as separator between owner and group for chown; can use :newgroup for just group, newuser for just user (newuser: with a trailing colon also sets the group to that user's login group)
- ‘.’ could be used as the separator in the past and is still possible, but don’t, because you could have a period in the user’s name
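-R for recursive permission set
X (capital, used together with r) on a recursive set gives read and execute to the directory, but only read permissions to the content of the directory: capital X sets execute only on directories and on files that already have an execute bit, so plain files are skipped on the recurse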
managing default permissions
more than 3 permissions
sticky bit
can use leading 1
applicable only to directories
in a collaborative directory where you have write perms to the dir, sticky bit would mean you can only delete files that you are the owner of
lowercase t means execution perm for other, and also sticky bit; T would mean just sticky bit
blocked operation would return ‘Operation not permitted’
Setting the sticky bit with octals:
chmod 1770 thefile
the first octal is the sticky bit: 1 for set, 0 for unset
gid or ‘GroupID’ - ‘Set GroupID bit’
can use leading 2
applicable to dirs or files
means executable runs with the permissions of the owning group of that executable
uid or ‘UserID’ - ‘Set UserID bit’
can use leading 4
applicable only to files
default permissions, umask
dirs: 777 files: 666
umask takes away from defaults, so 0002 will take away write from other
dirs: 775 files: 664
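Added example (not part of the original notes): a shell script that builds scratch files under mktemp -d and reports the modes produced by a umask, by the leading special-permission octal, and by chmod -R with X versus x. The function names mode_of, new_modes, special_mode and recursive_chmod are made up for this example.

```sh
#!/bin/sh
# Added example. All files are constructed scratch objects under mktemp -d.

# mode_of PATH: the 10-character type+permission string from ls -l
mode_of() { ls -ld "$1" | cut -c1-10; }

# new_modes UMASK: modes a new file and a new directory get under that umask
new_modes() (
    d=$(mktemp -d) || exit 1
    umask "$1"                      # subshell body, so the umask does not leak
    : > "$d/f"
    mkdir "$d/sub"
    echo "$(mode_of "$d/f") $(mode_of "$d/sub")"
    rm -rf "$d"
)

# special_mode TYPE OCTAL: ls string after chmod OCTAL on a file (f) or dir (d)
special_mode() (
    d=$(mktemp -d) || exit 1
    if [ "$1" = d ]; then mkdir "$d/x"; else : > "$d/x"; fi
    chmod "$2" "$d/x"
    mode_of "$d/x"
    rm -rf "$d"
)

# recursive_chmod SPEC: modes of a 700 dir and the 600 file inside it
# after chmod -R SPEC, to compare capital X with lowercase x
recursive_chmod() (
    d=$(mktemp -d) || exit 1
    umask 077
    mkdir "$d/sub"
    : > "$d/sub/f"
    chmod -R "$1" "$d/sub"
    echo "$(mode_of "$d/sub") $(mode_of "$d/sub/f")"
    rm -rf "$d"
)

echo "umask 0002      -> $(new_modes 0002)"
echo "umask 0027      -> $(new_modes 0027)"
echo "chmod 1770 dir  -> $(special_mode d 1770)"
echo "chmod 1771 dir  -> $(special_mode d 1771)"
echo "chmod 2770 dir  -> $(special_mode d 2770)"
echo "chmod 4755 file -> $(special_mode f 4755)"
echo "chmod -R g+rX   -> $(recursive_chmod g+rX)"
echo "chmod -R g+rx   -> $(recursive_chmod g+rx)"
```

The last two lines show the difference the notes describe: with g+rX the file inside stays non-executable, with g+rx it gains group execute.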