The role of file permissions and special permissions in Linux!

File permissions and ownership

Everything in the Linux system is a file, but the type of each file is different, so the Linux system uses different characters to distinguish them. Common characters are as follows.

Character   File type
-           Regular file
d           Directory file
l           Link file
b           Block device file
c           Character device file
p           Pipe file

File permissions: readable (r), writable (w), executable (x), and can also be represented by numbers 4, 2, and 1, respectively.

You can also view file attributes with ls -l.

Special permissions for files

SUID

SUID is a special permission set on binary programs. It lets whoever executes the binary temporarily have the permissions of the file's owner (only valid for binary programs with execute permission).

When checking the attributes of the passwd command, you find that the owner's permissions have changed from rwx to rws. The change of x to s means that the file has been given SUID permission. Some readers will be curious: what if the original permission is rw-? If there is no x execute permission in the original permission bits, the position becomes a capital S after the special permission is given.

chmod u+s /usr/bin/passwd

chmod u+s <file name or absolute path of the command>


  1. When the owner has x execute permission, the owner's x is shown as s (rwx becomes rws), for example: rwsr-xr-x or rwsrwxrwx
  2. When the owner does not have x execute permission, the position is shown as a capital S, for example: rwSrwxrwx

SGID

SGID mainly provides the following two functions:
1. Let the executor temporarily have the permissions of the file's group (set on binary programs with execute permission);

  1. When the group has x execute permission, the group's x is shown as s (rwx becomes rws), for example: rwxrwsrwx
  2. When the group has no x execute permission, the position is shown as a capital S, for example: rwxrwSrwx
    As shown in the figure, the same jio file ends up managed differently: the first has had group permission added and is managed with the root group's permissions, while the second jio file was created directly by an ordinary user and has no root permission. A big difference!
2. Files created in a directory automatically inherit that directory's user group (this can only be set on directories). For example, if SGID is set on a directory and a user creates a file in it, the file's default user group changes from the user's own basic user group to the group that the directory belongs to, so that other users in the same group can access the file.

SBIT

SBIT ensures that users can delete only their own files, not other users' files. Once SBIT permission is granted, the execute position in the permissions for other users changes from x/- to t/T.
chmod -R o+t <file name or directory name>

  1. When other users have x execute permission, their x is shown as t (rwx becomes rwt), for example: rwxrwxrwt
  2. When other users have no x execute permission, the position is shown as a capital T, for example: rwxrwxrwT
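The s/S and t/T display rules above, and the group inheritance of an SGID directory, can be observed directly. This is an added example, not part of the original post; the function names perm_string, show_bit and sgid_dir_demo are illustrative, and GNU-style chmod and ls are assumed.

```shell
#!/bin/sh
# Added example: all work happens in scratch directories made by mktemp.
# Assumes GNU-style chmod and ls; the function names are illustrative.

# perm_string PATH: the 10-character type and permission field of ls -l.
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# show_bit KIND BASE CLAUSE: create a scratch file (KIND=f) or directory
# (KIND=d), give it numeric mode BASE, apply the symbolic CLAUSE
# (u+s, g+s or o+t) and print the resulting permission string.
show_bit() {
    scratch=$(mktemp -d) || return 1
    target="$scratch/item"
    if [ "$1" = d ]; then mkdir "$target"; else : > "$target"; fi
    chmod "$2" "$target" && chmod "$3" "$target"
    perm_string "$target"
    rm -rf "$scratch"
}

# sgid_dir_demo: set SGID on a directory, create a file inside it, and print
# "<directory mode> <directory gid> <new file gid>".
sgid_dir_demo() {
    scratch=$(mktemp -d) || return 1
    mkdir "$scratch/shared"
    chmod 775 "$scratch/shared" && chmod g+s "$scratch/shared"
    : > "$scratch/shared/new_file"
    dir_gid=$(ls -ldn "$scratch/shared" | awk '{print $4}')
    file_gid=$(ls -ln "$scratch/shared/new_file" | awk '{print $4}')
    echo "$(perm_string "$scratch/shared") $dir_gid $file_gid"
    rm -rf "$scratch"
}

echo "SUID, owner x set:   $(show_bit f 755 u+s)"
echo "SUID, owner x unset: $(show_bit f 644 u+s)"
echo "SGID, group x set:   $(show_bit f 775 g+s)"
echo "SGID, group x unset: $(show_bit f 764 g+s)"
echo "SBIT, other x set:   $(show_bit d 777 o+t)"
echo "SBIT, other x unset: $(show_bit d 770 o+t)"
echo "SGID directory:      $(sgid_dir_demo)"
```

A capital S or T in a listing is worth a second look: the special bit is set but the matching execute bit is not, which usually means the mode was set by mistake.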

chmod and chown

The chmod command sets the permissions of a file or directory. The format is "chmod [parameter] permission file-or-directory-name". If you want a file to be readable, writable and executable by its owner, readable and writable by the group, and to give others no permission at all, the corresponding character form is rwxrw---- and the corresponding number form is 760.
The chown command sets the owner and group of a file or directory, and its format is "chown [parameter] owner:group file-or-directory-name".
The chmod and chown commands are the most commonly used commands for modifying file attributes and permissions. They also have one thing in common: when operating on a directory, you need to add the uppercase parameter -R to make the operation recursive, that is, to apply it to all files in the directory.


  • a: all users
  • u: owner
  • g: owning group
  • o: other users
  • r: readable permission
  • w: writable permission
  • x: executable permission
  • s: suid or sgid permission (usually used with the u or g parameter; if it is used with the a parameter, both suid and sgid are set at the same time)
  • t: sbit permission (usually used with the o parameter; using it with the u or g parameter has no effect, and using it with the a parameter is equivalent to using the o parameter)
  • +: add permission
  • -: remove permission
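Because SUID and SGID programs run with their owner's or group's permissions, and a directory writable by others without SBIT lets any user delete other users' files, administrators commonly review where these bits are set. The following audit is an added example, not from the original post; audit_special_bits and build_sample_tree are illustrative names and the sample tree is constructed test data.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# audit_special_bits ROOT: print one tagged, sorted line per finding under ROOT.
# Octal masks used with find -perm: 4000 = SUID, 2000 = SGID, 1000 = SBIT,
# 0002 = writable by other users.
#   SUID      regular file with the SUID bit set
#   SGID      regular file with the SGID bit set
#   NOSTICKY  directory writable by others but without SBIT
audit_special_bits() {
    {
        find "$1" -xdev -type f -perm -4000 | sed 's/^/SUID /'
        find "$1" -xdev -type f -perm -2000 | sed 's/^/SGID /'
        find "$1" -xdev -type d -perm -0002 ! -perm -1000 | sed 's/^/NOSTICKY /'
    } | sort
}

# build_sample_tree: constructed test data in a fresh temp directory;
# prints the directory's path. Uses the chmod forms shown in the article.
build_sample_tree() {
    t=$(mktemp -d) || return 1
    : > "$t/plain";     chmod 755 "$t/plain"
    : > "$t/setuid";    chmod 755 "$t/setuid";  chmod u+s "$t/setuid"
    : > "$t/setgid";    chmod 755 "$t/setgid";  chmod g+s "$t/setgid"
    mkdir "$t/open";    chmod 777 "$t/open"
    mkdir "$t/dropbox"; chmod 777 "$t/dropbox"; chmod o+t "$t/dropbox"
    printf '%s\n' "$t"
}

tree=$(build_sample_tree)
audit_special_bits "$tree"
rm -rf "$tree"
```

Run against a real directory, each SUID or SGID line should correspond to a program that is expected to carry the bit, and each NOSTICKY line to a directory where deletion by any user is intended.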

Origin blog.csdn.net/SYH885/article/details/108864990