Introduction to Unix File Permissions
A security system designed in UNIX. Considering the multi-user operating system nature of UNIX allows multiple users to access the system simultaneously. Rendering the system vulnerable to external threats that may cause damage to the system and lead to misleading information, corrupting the data is termed as UNIX File Permissions. A concept that is very important and tremendously crucial to grant access to various users appropriately so that there’s no misuse on the part of the user, thus providing security to users of the system whose access to the system is regulated.
Unix File Permissions
Every file in Unix can have 3 types of owners.
They can be as below:
- User: A user is the default person who creates the file. This is the real owner of the file and has full rights and permissions to the file that is created.
- Group: A group can have many users included in it. The users included in a group will have similar permissions for all the files to which the group has access. For example, if a project needs a particular group of people to access, you can add all these users to a group and then give them similar permissions. This can only read or read and write permissions. It saves the time of giving access to each user separately when similar accesses are to be given.
- Other: These are the users who need access to a file though they are neither the owner nor a member of any group. This can be anybody else who needs access to some particular work. The permissions thus play an important role in this case.
A file can have three kinds of permissions. Based on the type of owner, all the below three permissions can be given to all three types of owners.
- Read: By assigning this kind of permission, you are giving a user the authority of opening and reading the contents of the file. You can see all its contents but do not have the permission or rights for making any changes to it.
- Write: The write permission enables the user to modify the contents of the file. By applying this, the user can read, modify, add, remove, and rename the files stored in a directory. Suppose a user has to write access to a file. The user can modify the file. They can also remove or rename any files if they wish to.
- Execute: An executable file on windows can be easily run with its .exe file. But when it comes to Unix, a program cannot run until it has the execute permission. If your user id does not give the appropriate execute permission, you will not execute it. You can still modify or read the contents of the file.
To change the permissions of a file or directory, you can make use of the Chmod command. There are two ways in which the permissions can be changed. It is the symbolic mode and absolute mode.
Chmod in Symbolic Mode with Examples
If you are a beginner, this is the easiest way for you to change the file’s permissions. With this method, you can add, delete or specify the permission, which you can set as per the requirement.
- ‘+’: This adds the specified permissions to the file or directory which is intended.
- ‘-‘: This removes the specified permissions to the file or directory which is intended.
- ‘=’: This sets the specified permissions.
- ‘r”: This indicates read.
- ‘w’: This indicates write.
- ‘x’: This indicates execute.
- ‘-‘: No permission.
Let us take an example:
- -rw-rw-r—as830b home
Here the first ‘-’ indicates that we are selecting a file.
If a d is added at the beginning like- drwxr, then it indicates that a directory is being given the said permissions.
- -rw-rw-r—as830b home
The first part -rw suggests that the owner as830b can read the file, edit it, but the user does not have to execute access since the access is set to ‘-‘.
The second part rw-means that the user as830b can only read or write or make changes to the file.
The third part, r- -, means that the user can only read the file.
Chmod in Absolute Mode with Examples
When you are using this mode, you have to make use of the three-digit octal number. This means this corresponds to below:
- 0: Permission denied —
- 1: Execute –x
- 2: Write -w-
- 3: Execute and Write -wx
- 4: Read r – –
- 5: Read and execute r-x
- 6: Read and write rw-
- 7: Read and write and execute rwx
When a command is given as chmod 764 file.txt, this means that the owner can read, write and execute. The user group can read and write while others can only read the file. Similarly, if the command changes to chmod 777 file.txt, this means that the user can read, write and execute. The people in the user group can also do the same. In addition to this then the world will also be able to make changes, edit and execute.
The owners can also be denoted symbolically as:
- U: user/owner
- G: group
- O: other
- A: all
This can be used as chmod o=rwx file.txt, which means others are being set to read, write and execute. Adding execute to the user group to execute can be set by using: chmod g+x file.txt.
Unix is a multiuser system and hence needs setting up permissions and ownership to files from the perspective of security. It has three defined user groups and three types of permissions that can be set as per the need. This can be for any group or user which needs the specified permissions. The command ‘chmod’ enables in setting and changing permissions to the users and groups. This helps in ensuring that only authorized people are seeing the contents. Thus Unix ensures that security is maintained and the data is also accessible to multiple users at the same time.
This has been a guide to Unix File Permissions. Here we discuss the permission and changing the permission of the Unix file along with examples. You can also go through our other suggested articles to learn more –