How permissions are assigned?
The basic format of chmod is: chmod xyz file
The xyz represent value that goes from 0-7; each number represents permissions in a group.
For instance:
| x | would be for the owner of the file |
| y | would be for the group that owns the file(group the user belongs to) |
| z | would be for everybody |
| file | name of the file being modified |
Refer to the following table for a better understanding
| Number | Permissions |
| 0 | None = can not read, write or execute |
| 1 | Can execute, but can not read or write |
| 2 | Write only, can not read or execute |
| 3 | Can write, can execute |
| 4 | Read only, can not write to or execute |
| 5 | Read only, executable, can not write to |
| 6 | Writeable, readable file, but not executable |
| 7 | Readable, writeable and executable file |
There are several ways to give permission to a file as you could see on the last two tables. You could basically use any part of the table to assign these permissions.
Example
I will use the numerical part of the first table to assign permission to an html file that can be viewed over the Internet.
[root@server2 collections]#chmod 644 internal.html
How I determined that? I simply added 400+200+40+4 = 644 from table 3.2
- Read by owner
- Write by owner
- Read by group
- Read by others
If I do an ls –l that would look like this:
[root@server2 collections]#ls –l
total
-rw-r--r-- 1 root root 6 Aug 17 09:09 afile
-rw-r--r-- 1 root root 19 Aug 18 12:47 internal.html
[root@server2 collections]#
What would happen if I make that writeable by others (I would be a dumb administrator), but for demonstration purposes lest make that file writeable by others.
[root@server2 collections]# chmod 646 internal.html
Now I do an: ls –l
[root@server2 collections]#ls –l
total
-rw-r--r-- 1 root root 6 Aug 17 09:09 afile
-rw-r--rw- 1 root root 19 Aug 18 12:47 internal.html
[root@server2 collections]#
Now internal.html is world writeable…be careful how you assign permissions. Normally, don't leave a file as 777 (that is full access to the file), anyone can replace or delete it.
No comments:
Post a Comment