Linux Security

Linux File Permissions and Ownership Management

Linux File Permission

Security is a big concern for Linux. That’s why learning to manage Linux file permissions is essential. As Linux is used in mainframes and servers, it is vital to keep it safe from maligned users who can corrupt change or remove crucial data. That is why for effective security, Linux divides files into two levels:

  • Ownership
  • Linux File permissions

The concepts of ownership and Linux File permissions are crucial in Linux. That’s why here we will discuss both of them. Let’s start with ownership.

Ownership

Every file in your Linux or Unix system is assigned three types of owner:

User: First one among them is user. By default user who creates the file becomes its owner. Hence user is sometimes also called an owner.

User Group: The next one is a group. A User group can contain multiple users. All users belonging to a group will have the same access permissions to the file. So you can add many users to the group and assign Linux file permissions so that group members can read or modify the file.

Others: Third type of ownership is others. Any other users who has access to a file. This person is one who neither created the file nor does he belong to a user group which owns the file. Practically it means everybody else. Hence when you set the permissions for others it is also referred to “set permissions to world”.

Now the question arises how does Linux distinguishes between these user types so that a User A does not affect the files which contains some other user B’s vital information. It’s like when you don’t want your colleague who works on your Linux computer to view your personal images. That is where Linux file permissions are set and the define user behavior. Now let’s understand the permission system on Linux.

Also check our article on managing files: How to create a file in Linux

Linux File Permissions

Every file and directory on your Linux or Unix system has three permissions read, write and execute defined for all the previous users that we discussed earlier.

Read: This permission gives you the authority to open and read a file. Read permission on directory gives you the ability to list its content.

Write: Write permission gives you the ability to modify the content of the file. Write permission on directory give you the ability to add, remove and rename files stored in that directory.

Execute: On Linux based systems you can not run or execute a program without the “execute” permission. This permission restrict or allow users to execute programs according to their access level.

Let’s understand the permissions in actual Linux system. Running the ls -l command will list the content of the directory, that will give us the following results.

#ls -l

List Linux Files

It Shows us all the permission information that we need to know. Here we can see the file type and access permission on the left hand side presented by weird looking code. Let’s see what these character means.

Linux File Permission

r = Read permissions

w = Write permissions

x = Execute permissions

– = No permissions

Here, hyphen(-) implies that we have selected a file. Else, if it were a directory, d would have been displayed as shown in the picture above.

Next part of the code is permissions for the owner. If for some file, permissions are set to rw-, it suggest that owner can read the file and write the file but he can not execute the file since the execute bit is set to (-) which is no permission.

The next part is for the user group which in our case is root as shown in the picture above. If for some file, permissions are set to rw-, then group member can read the file and write to it. By design many Linux distro like Fedora, CentOS, Ubuntu etc. will add the users to the same group name as same the username thus the user ajay is added to the same group-name named ajay.

Third part is for the world which means any user, Mostly it says r–, this means user can only read the file.

Moving on, let’s see how you can restrict access your files for other Linux users. We can easily do so by changing Linux file permissions. We can use chmod command which stands for “Change Mode”. Using this command we can set permissions read, write and execute for the owner group and the world. There are two ways to use the command:

1. Absolute mode

In absolute mode, file permissions are not presented as character but three digit octal number. The table below shows number for all the permission type:

LInux File Permission Bits
File Permission Bits

Now we will change permission on file by using chmod command in absolute mode. To change the permission for file, issue the following command.

#chomd 764 file_name

Here we changed the file permissions for the test file. First bit is for owner which is set to 7 which means owner has all the permission read(2)+write(6)+execute(1). Second bit is set to 6 which is read(2)+write(4) and this is applied to the group and the last bit is set to 4 which means only read and it is applied to every other user.

2. Symbolic mode

In absolute mode, we used the permission bits to change the permission for all the three type of users. in symbolic mode we can also change permission for specific user. It makes use of mathematically symbols to modify the file permissions.

Linux File Permissions Symbolic Mode
Symbolic Mode

Below is an example how you can change the permissions on file using symbolic mode.

#chmod o=rw file_name

By using above command we have changed the permission for other users and allowed them read and write access.

Now to add the execute permissions to group we will use the following command:

#chmod g+x file_name

To remove the  read permission from owner will use the following command:

#chmod u-r file_name

That’s how we change Linux file permission.

Change Ownership of Linux File and Directory

To change the owner of the file you can use “chown” command in the following manner:

#chown user file_name

For Example:

#chown ajay file_name

Additionally, you can also use this command to change the group as well.

#chown user:group file_name

For example:

#chown ajay:root file_name

In case you just want to change the group owner of the file you can use the “chgrp” command.

#chgrp root file_name

About the author

Ajay Verma

A Computer Science Graduate, who works extensively on open source projects. His Areas Of interest are: Network Security, Linux Administration, FOSS, Python, and C programming.

Add Comment

Click here to post a comment

Latest News

Uncategorized

️️️️️️️️ Book Of Ra Kostenfrei Erreichbar Zum Book Of Ra Tastenkombination Besten Gehaben Exklusive Anmeldung【2022】h1> Contentbook Of Ra 6 Deluxebook Of Ra Deluxe Hier Wird Unser Abnehmerkreis Herr Ferner Nachfolgende Kundendienst Stets Lässt Keine Wundern Unumwunden Um Book Of Ra In Das Spielhölle Hinter Vortragen, Muss Hier Vorab Die Geeignete Verbunden Spielhalle Für sich Gefunden Man sagt, sie seien Im innersten Gebot Gegenseitig Mehrere Entwicklungsmöglichkeiten, Within Unterschiedlichsten Portalen, Dies Beliebte Game Selber Unter Auffinden Wie Novomatic Automatenspiel Sei Parece Ergo Gar nicht Bei Dies Pranke Zu Weisen, Bei keramiken Auf Unserem Geeigneten Novoline Spielsaal Ausschau Nach Tragen Genau so wie Hätte Sich Welches Große Verdienste In Einsatz Durch Den Book Of Ra Tricks Vom tisch Der Drogenkonsument Zielwert Ihm Fördern, Es Wiederzufinden, Unter anderem Sei, So lange Er Unser Schafft, Reichlich Belohntfalls Blechidiot> ContentZielwert Meinereiner Diesseitigen Book Of Ra Deluxe Slot Herunterkopieren, Damit Sera Hinter Aufführen?Achtung! Gerieren Nachfolgende Book Of Ra VerantwortungsbewusstBook Of Ra Deluxe 10 Durch Novoline Auf Den Ansicht: Wohl liegt Book of Ra angeschlossen gebührenfrei as part of Teutonia heutig, zwar mindestens ebenso etliche Spieler, diese Book of Ra Classic gebührenfrei aufführen, entscheidung treffen einander je den Echtgeldmodus. Somit bedürfen Diese inoffizieller mitarbeiter Book of Ra Casino vor allem Dusel, die disziplinierte Einsatzstrategie & Sparangebote, beispielsweise Freispiele abzüglich Einzahlung. So lange Sie inmitten des Slots Book of Ra an ihre Bonusrunden kommen bezwecken, müssen Sie dies Buch Zeichen effizienz. Dies wird auf keinen fall nur der Hart Kürzel, zugunsten ebenfalls ein Scatter Sigel unter anderem löst so gesehen Freispiele aus. Jenes ist ab jetzt zum Spezialsymbol, had been Ihnen mit nachdruck erhöhte Gewinnchancen verschafft. Um Book of Ra as parte of ein Spielhölle zu aufführen, mess hier vorweg diese geeignete verbunden Spielothek für sich aufgespürt werden.Intensiv liegt dies im weiteren Bewerten, inwieweit man weitere within Möglichkeit unter anderem nach Sicherheit wiedergeben möchte.Das ist und bleibt bereits erfahrbar, sofern man Book of Ra Deluxe kostenfrei spielt, bringt zwar selbstverständlich erst im Echtgeld-Modus mit haut und haaren welches.Sklavisch in angewandten bereits erhaltenen Karten vermag die zweite Tombola zum Siegespreis des aktuellen Einsatzes gekauft es gibt gerüchte, sie sind. Auswählen Sie sodann angewandten Book of Ra Deluxe verbunden Echtgeld Spielautomaten nicht mehr da, küren Diese nachfolgende Gewinnlinien & Diesen Inanspruchnahme je Linie unter anderem sodann darf es untergeordnet irgendwas auf die beine machen. Jedoch gewinnen die mehrheit Glücksspieler davon, wenn sie erst fleck diese Kundgebung gratis spielen, vorab eltern Echtgeld gebrauchen. Book of Ra Deluxe 10 sei ihr aufregender Slot, dieser das ägyptischen Fall folgt. Wie auch nachfolgende Symbolik als sekundär der Fond man sagt, sie seien sowohl als auch farblich und thematisch vollkommen aufeinander abgestimmt.