Linux permissions
Permissions
  7       5       1
 user   group   others
r+w+x    r+x      x
4+2+1   4+0+1   0+0+1   = 751
The permission mode is computed by adding up the following values for the user, the file group, and for everyone else. The diagram shows how.
Read     r  4 - Allowed to read files
Write    w  2 - Allowed to write/modify files
eXecute  x  1 - Read/write/delete/modify/directory
It is easy to think of the permission settings as a series of bits:
rwx rwx rwx = 111 111 111
rw- rw- rw- = 110 110 110
rwx --- --- = 111 000 000
rwx = 111 in binary = 7
rw- = 110 in binary = 6
r-x = 101 in binary = 5
r-- = 100 in binary = 4
Special permissions
Sticky bit
The sticky bit is mainly used on folders to prevent other users from deleting a folder and its contents even though they have write permissions on the folder contents. If the sticky bit is enabled on a folder, its contents can be deleted only by the owner who created them and by the root user. No one else can delete other users' data in a folder where the sticky bit is set. This is a security measure to avoid deletion of critical folders and their content (sub-folders and files), even though other users have full permissions.
- Set sticky bit
chmod o+t /opt/dump/ or chmod +t /opt/dump/
- Set sticky bit numerical way
chmod 1757 /opt/dump/
Here in 1757, 1 indicates that the sticky bit is set, 7 gives full permissions to the owner, 5 gives read and execute permissions to the group, and 7 gives full permissions to others.
- Sticky bit without Executable permissions
After setting the sticky bit on a file/folder, if you see 'T' in the file permission area, it indicates that the file/folder does not have executable permissions for all users on that particular file/folder. If you want executable permissions, apply them to the file with a command like chmod o+x /opt/dump/
- Sticky bit with Executable permissions
- Find all the Sticky Bit set files in Linux/Unix.
find / -perm -1000
(Current GNU find no longer accepts the older -perm +1000 form.)
SGID (Set Group ID up on execution)
Continue at http://www.linuxnix.com/2011/12/sgid-set-sgid-linuxunix.html
SUID (Set owner User ID up on execution)
SUID (Set owner User ID up on execution) is a special type of file permission given to a file. Normally in Linux/Unix, when a program runs, it inherits access permissions from the logged-in user. SUID is defined as giving temporary permissions to a user to run a program/file with the permissions of the file owner rather than the user who is running it. In simple words, users will get the file owner's permissions as well as the owner's UID and GID when executing a file/program/command.
http://www.linuxnix.com/2011/12/suid-set-suid-linuxunix.html
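The find check from the sticky bit section, extended into a small audit that also covers the SUID/SGID bits described above. This is an added example, not code from the original page; the function names, tag names and the demo tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (constructed paths and tag names, not from the original page).

# Print "TAG<TAB>PATH" for each special-permission finding under $1.
audit_special_perms() {
    root=$1
    # World-writable directory with no sticky bit: any user may delete or
    # rename files that belong to someone else.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'NO_STICKY\t%s\n' {} \;
    # Sticky bit plus execute for others: ls -l shows a lowercase 't'.
    find "$root" -xdev -type d -perm -1001 \
        -exec printf 'STICKY_OK\t%s\n' {} \;
    # Sticky bit without execute for others: ls -l shows an uppercase 'T'.
    find "$root" -xdev -type d -perm -1000 ! -perm -0001 \
        -exec printf 'STICKY_NOEXEC\t%s\n' {} \;
    # Files that run with the owner's UID (SUID) or the file's group (SGID).
    find "$root" -xdev -type f -perm -4000 -exec printf 'SUID\t%s\n' {} \;
    find "$root" -xdev -type f -perm -2000 -exec printf 'SGID\t%s\n' {} \;
} 2>/dev/null   # hide "Permission denied" noise when run unprivileged

# Build a throwaway tree to audit (constructed sample input); prints its path.
build_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/dump" "$d/open" "$d/locked"
    chmod 1757 "$d/dump"      # the page's example mode: 't'
    chmod 0777 "$d/open"      # world-writable, sticky bit missing
    chmod 1756 "$d/locked"    # sticky without o+x: 'T'
    : > "$d/tool" && chmod 4755 "$d/tool"   # SUID on a harmless empty file
    printf '%s\n' "$d"
}

# Usage: audit_special_perms "$(build_demo_tree)"
```

On a real system, review each NO_STICKY directory first, then compare the SUID/SGID list against the files the distribution is expected to ship with those bits.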