- File Permissions Introduction
Unix file permissions are broken down into three basic permissions
(read, write, and execute) and three classes of users (user/owner, group,
and other). You can use this model to grant any combination
of the 3 permissions to any of the classes of users. For example,
you can give the user (also known as the owner of the file) the
permission to read and write a file while giving others permission
to read the file but not write to the file. Before we go too far,
let's define these basic concepts.
- Permission Modes
- Read (r) - Read permission on a file controls the ability to view the
contents of the file. Read permission on a directory controls
the ability to view the contents of the directory.
- Write (w) - Write permission on a file controls the ability to modify
the contents of the file. Write permission on a directory
controls the ability to create files in that directory.
- eXecute/search (x) - Execute permission on a file controls whether the file
can be executed as a program. Execute permission on a directory
controls whether the directory can be searched. If a directory can
be searched, that means that a file in that directory can be
accessed (assuming the permissions on the file permit it) but
you cannot see the contents of the directory unless the directory
is also readable. This provides a way to allow access to a file
in a directory if the filename is known but preventing someone
from getting a listing of the available files.
- Classes of Users
- User/owner (u) - The user refers to the owner of the file or directory.
- Group (g) - All files and directories belong to a group, which is
a collection of users. By default all students are
in the student group and all of the files
and directories will be a part of the student
group. The permissions that apply to the group apply
to all members of that group, which may well be
a lot of people.
- Other (o) - Other refers to everyone except the owner of the file
and everyone that is in the group to which the file belongs.
So, there are read/write/execute permissions for each of user/group/other.
The read/write/execute modes are denoted by r/w/x. For each of the user,
group, and other, these three modes can be on or off. If the mode is on,
it is denoted by r, w, or x, and if it is off it is denoted by '-'. For
example, rw- for the User denotes that the owner of the file
can read and write to the file, but not execute. Likewise, r-x
for Others means that anyone can read and execute the file, but not
write to it.
As a shorthand, these three sets of permission are written one after another.
For example, if a file is readable, writable, and executable by the user (rwx),
readable and executable but not writable by the group (r-x), and only readable
by others (r--), that would be denoted as rwxr-xr--. These permissions
are shown when you do a long listing using the -l flag to the ls command. For
example:
% ls -l
total 2
drwxr-xr-x 2 jstudent students 512 Feb 28 17:58 somedirectory
-rw-r--r-- 1 jstudent students 2342 Feb 28 17:57 somefile
In this example, we see that the directory named somedirectory
is readable/writable/searchable by the owner, jstudent, but is
only readable/searchable by the group and others. Remember that the
x means searchable and not executable for directories.
The file named somefile
is readable/writable by the owner, jstudent, but is
only readable by the group and others.
The extra character at the beginning of each line simply indicates what the item
is. The 'd' indicates a directory and the '-' indicates a file.
- Changing File Permissions - The File Manager
If you use the File Manager GUI under CDE to manipulate your files and directories (also
called folders), then you can modify file permission from within the file
manager. Simply click on the file or folder to highlight it and then select
Properties... from the File Manager's Selected menu. This
will bring up a permissions window that will allow you to select the permissions
you want. To activate your changes, click Apply.
Note that you can also bring up the properties window by
right-clicking the mouse on the file or folder and selecting Properties...
from the menu that appears.
The File Manager gives you the ability to control the basic file permissions
of files and folders. However, it is worth mentioning that there are more
advanced permission features that can only be manipulated using the command
line. Read on for more information about using these command line utilities.
- Changing File Permissions - The Command Line
In order to change the permissions on a file from the command line, you use the
chmod command, which is short for "change mode".
You specify the class of user (u/g/o) and the permission (r/w/x), separated
by a + or - to turn the permission on or off. For example,
to give the group read permission on a file named index.html,
you would run:
chmod g+r index.html
You can also grant multiple permissions or specify multiple classes of user
using a single chmod command. For example, if you want
to give the group and others read access to index.html, you would run:
chmod go+r index.html
Similarly, if you wanted to give everyone read and search access to a directory
named opendir, you could run:
chmod go+rx opendir
In order to take permissions away, you simply replace the + with a -. For example,
to remove read and write permission for the group and other on the file
named securefile, you would run:
chmod go-rw securefile
You can also use the -R (recursive) flag to chmod to change the
permissions for a directory and all of its contents. For example, if
you wanted to make the directory named privatestuff and everything
in it inaccessible by anyone else, you could run:
chmod -R go-rwx privatestuff
- Numeric File Modes
In the previous section, file permissions were specified using a symbolic
representation. For example, 'g' was used to represent the Group
and 'o' was used to represent Others. You can also use the numeric
representation of the file permissions (or modes).
In order to understand
these numeric modes, you must first understand that these modes are actually
represented by the system as three octal digits, one each for the user, the
group, and others. Within each category, the Read/Write/eXecute bits
are represented by the bits of an octal digit. The Read bit is in the 4s place,
the Write bit is in the 2s place, and the eXecute bit is in the 1s place.
USER    GROUP   OTHER
r w x   r w x   r w x
4 2 1   4 2 1   4 2 1
In order to determine the numeric code for a given set of permissions, you just
add up the octal digits for the modes that are on. For example, if a file is
readable and writable by the user and read-only for the group and others, the
numeric mode would be 644, as illustrated below:
USER    GROUP   OTHER
r w -   r - -   r - -
4+2     4       4
Similarly, a directory that has permissions 'rwxr-xr-x' would have an octal
mode of 755. You can use this numeric mode to set permissions. For example,
chmod 644 somefile
sets the permission of the file to 'rw-r--r--'.
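The conversion described in this section, written out as an added example that is not part of the original page. It is POSIX sh rather than csh, and the function names sym_to_octal and ls_mode_octal are made up for the illustration.

```shell
# Added example (not from the original page).
# sym_to_octal PERMS: PERMS is the 9-character string from ls -l without the
# leading type character, e.g. rw-r--r--. Prints the three-digit octal mode.
# The setuid/setgid/sticky letters (s, S, t, T) are rejected, not decoded.
sym_to_octal() {
    perms=$1
    if [ "${#perms}" -ne 9 ]; then
        echo "expected 9 characters, got: $perms" >&2
        return 1
    fi
    out=""
    while [ -n "$perms" ]; do
        triplet=$(printf '%s' "$perms" | cut -c1-3)  # user, then group, then other
        perms=$(printf '%s' "$perms" | cut -c4-)
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; -??) ;; *) return 1 ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; ??-) ;; *) return 1 ;; esac
        out="$out$digit"
    done
    echo "$out"
}

# ls_mode_octal PATH: octal mode of an existing file or directory,
# read from the permission column of ls -ld.
ls_mode_octal() {
    sym_to_octal "$(ls -ld "$1" | cut -c2-10)"
}

sym_to_octal rw-r--r--    # 644
sym_to_octal rwxr-xr--    # 754
```

Running ls_mode_octal on a file before and after a chmod is a quick way to confirm that a numeric mode did what you intended.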
- Permissions On Newly Created Files/Directories
When you create a new file or directory in the filesystem, the permissions
that it will have are controlled by the umask command. You can run
the umask command with no arguments to display your current umask.
The two most common umasks in use are '022' and '077':
- 022 - files/directories are created readable by others, but not writable.
- 077 - files/directories are created unreadable and unwritable by others.
It is very likely that you have a umask command in one of your configuration
files that sets this for you. For example, if you use the default shell (csh), your
.cshrc file will probably contain a line like
umask 022
or
umask 077
You can set the umask for the level of privacy you prefer. However,
if you use a umask of 022 you should be careful to ensure that files
you wish to keep private are properly protected.
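To see what the two umasks actually produce, the following added example (not part of the original page) creates a file and a directory under each one and reports the resulting permissions. It is POSIX sh rather than csh; the function name new_item_mode is made up, and it relies on the usual behaviour that shell redirection requests rw-rw-rw- and mkdir requests rwxrwxrwx before the umask is applied.

```shell
# Added example (not from the original page).
# new_item_mode UMASK KIND: create a file (KIND=file) or directory (KIND=dir)
# under UMASK in a scratch directory and print its ls -l permission string.
# Runs in a subshell so the caller's own umask is left alone.
new_item_mode() {
    (
        umask "$1"
        scratch=$(mktemp -d) || exit 1
        if [ "$2" = dir ]; then
            mkdir "$scratch/item"      # directories start from rwxrwxrwx (777)
        else
            : > "$scratch/item"        # plain files start from rw-rw-rw- (666)
        fi
        mode=$(ls -ld "$scratch/item" | cut -c1-10)
        rm -rf "$scratch"
        echo "$mode"
    )
}

# Print a small table: both umasks from this section, file and directory.
for mask in 022 077; do
    for kind in file dir; do
        printf 'umask %s  %-4s  %s\n' "$mask" "$kind" "$(new_item_mode "$mask" "$kind")"
    done
done
```

Note that the umask only removes bits: a new plain file never receives execute permission from it, while a new directory keeps the search bit for every class the umask does not mask out.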
- Default Account Permissions
NOTE: Existing accounts that were created before February 2000 may have
been created when the default home directory permissions and umask made
some files and directories readable by others. See the section
Securing Existing Accounts below for information on how
to secure your home directory if this is the case.
New CS accounts are configured such that none of the files or directories
in your home directory are readable by any other user.
Your home directory is created such that it is only readable by you
(permissions 700/rwx------) and the umask is set to 077 so newly created
files are not readable by others.
This configuration has the advantage that you will not inadvertently give
read access to files that you don't want others to see (such as homework
assignments or personal files). However, it makes it more difficult to
share files with other users and via the web.
If you would prefer to configure things so that others can read your files
by default and then manually protect things you want to keep private, you
can make your home directory readable by running:
chmod 755 /u/username
and changing the umask from 077 to 022 in your .cshrc file (or the proper
config file if you are using something other than the default shell).
No matter which method you choose, you may have to take special measures
to ensure that your Hyplan on the CS web server works as described in the
following section.
- Securing Existing Accounts
If your current home directory was created when the default was
to make files readable by others, you may want to take precautions
to ensure that sensitive files are not readable by other users.
The easiest way to do this is to simply lock your home directory
so that no files in it can be accessed by any other users. To do
this, you can run:
chmod go-rwx /u/username
or
chmod 700 /u/username
or by using the File Manager to turn off the read/write/execute permissions
for the group and others, as described above.
One disadvantage of this approach is that you will be unable to
share any files with other users and, if you have a Hyplan on the
CS Web Server, it will no longer work since the web server no longer will
have permissions to get to your .hyplan directory. See the section
Your CS Web Homepage below for more information on the file/directory
permissions needed in order for your hyplan to work.
An alternative is to secure all the directories within
your home directory that you wish to protect.
For example, if you have homework in your c335 and p423 directories
and personal letters in your doc directory, you could
run:
chmod go-rwx c335 p423 doc
or
chmod 700 c335 p423 doc
You may also wish to modify your umask as described in section
Permissions On Newly Created Files/Directories above.
Note that your email is probably already protected from being
read by other users. See the notes about File Permissions and Email
below for additional information.
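Before and after locking things down, it helps to list what is still open to the group or to others. The following is an added example, not part of the original page; it is POSIX sh rather than csh, the function names list_exposed and make_demo_home are made up, and the directory tree is a constructed sample standing in for a home directory.

```shell
# Added example (not from the original page).
# list_exposed DIR: print every file and directory at or below DIR that has
# at least one permission bit set for group or other. Symbolic links are
# skipped because their own mode bits are not what controls access.
list_exposed() {
    find "$1" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print | sort
}

# Constructed sample tree: c335 is open to everyone, doc is already private.
make_demo_home() {
    d=$(mktemp -d) || return 1
    mkdir "$d/c335" "$d/doc"
    : > "$d/c335/hw1.c"
    : > "$d/doc/letter.txt"
    chmod 755 "$d" "$d/c335"
    chmod 644 "$d/c335/hw1.c"
    chmod 700 "$d/doc"
    chmod 600 "$d/doc/letter.txt"
    echo "$d"
}

demo_home=$(make_demo_home)
echo "before:"
list_exposed "$demo_home"          # the top directory, c335 and c335/hw1.c
chmod -R go-rwx "$demo_home"       # the recursive form shown earlier on this page
echo "after:"
list_exposed "$demo_home"          # prints nothing
rm -rf "$demo_home"
```

The listing is conservative: an entry below a directory that others cannot search is still reported, even though it cannot be reached until that directory is opened.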
- File Permissions and Email
By default, most email programs you are likely to use (such as pine, netscape,
or the CDE mail program) take care to ensure
that your email is not readable by other users. So, even if you have
your home directory configured to be readable by others and your umask
set to 022, it is still highly unlikely that your email is readable by others.
- Your CS Web Homepage
The makehyplan command can be used to set up your web presence
on the CS web server (see The Hyplan Info Page for more information
about makehyplan). In order for your hyplan files to be readable via
the web, you must ensure that the following conditions are met:
- Your home directory and your .hyplan directory must be searchable by others.
You can achieve this by running:
chmod o+x /u/username /u/username/.hyplan
- All files in your .hyplan directory that you want to be accessible,
must be readable by others. For example, to make a file named index.html
accessible, you can run:
chmod o+r /u/username/.hyplan/index.html
You must repeat this process for all files you want to be accessible.
Note that you can also run the checkhyplan command to check the
permissions on your hyplan directory and also to check for broken links.
- Your CS Finger Information
The finger command can be used to gather information about another
user. You can create a .plan file in your home directory in order
to give other users information when they finger you. For example, this
may include your current office hours, your address, or some words of
wisdom. In order for someone fingering you to have access to your .plan
file, you must ensure that the following conditions are met:
- Your home directory must be searchable by others. You can achieve this by
running:
chmod o+x /u/username
- Your .plan file must be readable by others. You can achieve this by
running:
chmod o+r /u/username/.plan
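The conditions listed for the hyplan and for the .plan file are the same check: every directory on the way must be searchable by others and the file itself readable by others. The following is an added example, not part of the original page and not the checkhyplan command; it is POSIX sh, the function names are made up, and the layout is a constructed stand-in for /u/username.

```shell
# Added example (not from the original page).
# other_can_read BASE REL: BASE is a directory (e.g. the home directory) and
# REL a path below it. Succeeds only if BASE and every directory on the way
# are searchable by others (o+x) and the final file is readable by others (o+r).
# Directories above BASE are assumed to be open and are not checked.
other_can_read() {
    cur=$1
    rel=$2
    while [ -n "$rel" ]; do
        # 10th character of the ls -l string is the "other" x position;
        # t means x plus the sticky bit.
        case $(ls -ld "$cur" 2>/dev/null | cut -c10) in
            x|t) ;;
            *) echo "blocked: $cur is not searchable by others"; return 1 ;;
        esac
        part=${rel%%/*}
        case $rel in
            */*) rel=${rel#*/} ;;
            *)   rel="" ;;
        esac
        cur=$cur/$part
    done
    # 8th character is the "other" r position.
    case $(ls -ld "$cur" 2>/dev/null | cut -c8) in
        r) echo "ok: $cur" ;;
        *) echo "blocked: $cur is not readable by others"; return 1 ;;
    esac
}

# Constructed layout mirroring /u/username/.hyplan/index.html.
make_demo_hyplan() {
    d=$(mktemp -d) || return 1
    mkdir "$d/.hyplan"
    : > "$d/.hyplan/index.html"
    chmod 700 "$d"; chmod 755 "$d/.hyplan"; chmod 644 "$d/.hyplan/index.html"
    echo "$d"
}

home=$(make_demo_hyplan)
other_can_read "$home" .hyplan/index.html || true   # blocked: home directory is 700
chmod o+x "$home"
other_can_read "$home" .hyplan/index.html           # ok
rm -rf "$home"
```

For the finger case the call would be other_can_read /u/username .plan, which checks the home directory for o+x and the .plan file for o+r.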
- Higher Order Mode Bits (setuid, setgid, sticky)
In addition to the Read, Write, and eXecute bits that have been discussed,
there are three other mode bits: Setuid, Setgid, and Sticky. See the chmod(2)
manual page by running
man -s 2 chmod
for all the details. It is beyond the scope of this document to
explain all the details of these extra permission bits. However,
it is probably worth mentioning the semantics of the setgid bit for
directories since it is used frequently. If you have a directory
and you want files created within the directory to inherit the
group ownership of the directory, you can set the setgid bit with:
chmod g+s directory_name
- Using Access Control Lists (ACLs)
There is a more powerful mechanism available for controlling file
and directory permissions called Access Control Lists (ACLs).
See the ACL Help Page for more information about using ACLs.