Linux Permission System
1. Introduction
→ Linux uses a powerful permission model to control who can read, modify, or execute files and directories.
→ Ensures system security, resource isolation, and access control.
→ Permissions apply to users, groups, and others.
2. Permission Categories
→ Each file or directory has three permission sets:
→ User (Owner)
→ Group
→ Others (Everyone else)
→ View permissions using:
→ ls -l
Example output:
-rwxr-xr--
3. Permission Types
→ Each permission category can have the following rights:
→ r (read)
→ Files: view content
→ Directories: list files
→ w (write)
→ Files: edit or delete
→ Directories: add or remove files
→ x (execute)
→ Files: run as a program
→ Directories: access inside the directory (cd)
4. Understanding Permission Structure
→ A permission string has 10 characters:
[Type][User][Group][Others]
→ For example:
drwxr-x---
→ d indicates directory.
→ rwx user permissions.
→ r-x group permissions.
→ --- others permissions.
5. Changing File Permissions (chmod)
→ Modify permissions using symbolic or numeric modes.
Symbolic mode:
→ chmod u+x file
→ chmod g-w file
→ chmod o+r file
Numeric mode:
→ Converts r=4, w=2, x=1.
Examples:
→ chmod 755 file
→ chmod 644 file
→ chmod 700 file
6. Changing File Ownership (chown)
→ Change the file owner:
→ sudo chown user file
→ Change owner and group:
→ sudo chown user:group file
7. Changing Group Ownership (chgrp)
→ Assign a new group:
→ sudo chgrp groupname file
8. Special Permissions: SUID, SGID, Sticky Bit
SUID (Set User ID)
→ Allows users to run a file with the owner’s privileges.
→ Set with:
→ chmod u+s file
Example:
→ /usr/bin/passwd uses SUID to modify /etc/shadow.
SGID (Set Group ID)
→ New files inside a directory inherit the directory’s group.
→ Set with:
→ chmod g+s dir
Sticky Bit
→ Protects files from being deleted by other users inside shared directories (e.g., /tmp).
→ Set with:
→ chmod +t dir
9. Default Permissions: umask
→ Defines what permissions new files receive by default.
→ Check umask:
→ umask
→ Example:
→ umask 022
→ Default file permission will be 644.
10. File Access Control Lists (ACLs)
→ Used for more fine-grained permissions.
→ Commands:
→ setfacl -m u:user:rwx file
→ getfacl file
→ Provides access control beyond standard user/group/others model.
11. Permission Management Commands Summary
→ chmod — change permissions
→ chown — change file owner
→ chgrp — change file group
→ umask — default permissions
→ setfacl — extended permissions
→ ls -l — view file permissions
12. Security Best Practices
→ Avoid giving write permissions to “others”.
→ Use the sticky bit on shared directories.
→ Configure umask for secure defaults.
→ Use ACLs for precise access control.
→ Regularly audit permissions using scripts or security tools.
13. Quick tip
→ Linux permissions form the core of system security.
→ They include user, group, others, and special bits like SUID, SGID, and Sticky Bit.
→ Commands like chmod, chown, and setfacl allow precise control of file access.
→ Understanding these concepts ensures secure and stable Linux administration.
Learn More About Linux Administration and Internals in This Ebook:
codewithdhanian.gumroad.com/l/dynwdc
258K Followers 918 Following📏 || 🚩|| Rm69 only ! for my private channel . || Not interact to un common sense people New Tele ❗️: https://t.co/I9SgRdid2k
75K Followers 117 FollowingCall me Moon 🌙 — goddess of the moon with perky tits, small waist and big ass⌛️ Channel Telegram RM100. No Slot & Service. Accept tips for being hot 💋💦
12K Followers 321 FollowingKevin Apolinario. I help people build a career path in IT because no one helped me with this when I first started IT.
Tech Trainer
1.6M Followers 58 FollowingPleaser of the Palate. Food Photos & Videos, Restaurants, Recipes, and More. DM for Credit/Removal. Subscribe Here for Exclusive Weekly Recipes + a Followback.
1.2M Followers 159 FollowingWe're a community of millions of people who are building new skills and getting new jobs together. A 501(c)(3) public charity. Tweets by @abbeyrenn.
652K Followers 123 FollowingLets Learn #Python with tips and tricks. Free Python Course: https://t.co/l9NKxZWrh7 biz : [email protected] AI Community Partner. DM for Everything.
1.8M Followers 113 FollowingDerma untuk G AZ A di bawah. Email: [email protected]. Inquiries for event appearances are temporarily closed 🙏🏻 SSM : Rasapop (M) Sdn Bhd(1416319-T)