File ownership and permissions
Last revision August 3, 2004
Each file has an owning account which controls access. This account can set three types of permissions -- read, write, and execute -- for three different sets of accounts -- user, group, and other. The account can set permissions for individual files separately from the permission settings for the directory in which they are linked, with sometimes non-obvious interactions.
A particular file or directory is owned by only one user account and is owned or associated with only one account group. Account groups are created by the system manager. Each user account belongs to a default group (on pangea, these would be by department, for example, ges, gp, pete, etc.). The system manager can create additional groups and add additional group memberships to any account. Therefore, a single user account can have access to files associated with multiple account groups.
On pangea, the command
will show the names of the groups to which your account belongs.
The other set of permissions applies to any account that is not the owner and not in the associated account group.
The owner of a file can change the account group associated with the file (see the manual entry for chgrp), but he cannot give away his ownership of the file to another account. Only the root or system management account can do that.
The root account can always access any file, regardless of permissions set by the owner.
WARNING: Bugs in the operating system sometimes allow hackers to get around permission settings and get access to files that are normally closed to accounts other than the owner. Never keep any sensitive or embarrassing information on a multi-user computer!
Check ownership and permission settings on files and directories with the command ls -l (letter "ell" option, not numeral "one"). This gives the "long" listing, including the associated group. Here is an example, with explanation:
-rw-r--r-- 1 gp111ins class 115 Oct 29 1987 symlink.awk
The first set of 10 characters in this output gives the type of file and permissions.
- Type is first letter: - means a plain file, d means a directory, l is a symbolic link. There are a few other special system types.
- Permissions come in sets of three that apply, respectively, to the account that owns the file, accounts that belong to the associated group of the file, and any other account.
- For each permission set, the first letter is r if the applicable account has permission to read (or copy) the file or - if not; the second letter is w if the account has permission to write (add to or modify) the file or - if not; and the third letter is x if the account has permission to execute (run) the file as a program or - if not.
There are also two variations on execute permission, setuid and setgid, that are sometimes used on system programs to let them run with a special user or group id in order to have privileges not normally associated with the running account. If one of these is set, the normal x character is replaced by s.
Plain files that are not programs will usually have the execute bit (letter) set to - for all three permission sets.
Permission settings for directories have slightly different meanings, as discussed below. In general, you cannot do anything with a directory or the files linked into it unless you have at least execute permission on the directory.
Following the permissions information is a number indicating how many links (names) this file has. Then the account that owns the file (for example, gp111ins), and the group that the file belongs to (for example, class) are listed. See the section on ls, for more explanation of this output format.
In Unix, both files and directories have their own permission settings, which can interact in non-obvious ways. The permissions on the directory mostly affect what you can do to the file as a whole unit (rename it, or add it to or remove it from the directory), and the permissions on the file itself mostly affect what you can do to its actual contents (read or modify them).
The table below shows what you can do to a file or directory for each possible combination of file and containing directory permissions that may apply to your account. Remember that you may have different permissions applying to your account depending upon whether you are the owner, a member of the associated account group, or anyone else ("other").
This table lists three possibilities for directory permissions: execute only, read plus execute and write plus execute. The plain read and write permissions are not listed for directories, because you essentially cannot do anything with a directory or the files linked into it unless you at least have execute permission. The only exception is that if you have read permission on a directory, but no execute permission, you can get a simple list of the names of the files linked into the directory, but you cannot get the detailed information on those files (the output of ls -l) nor read nor copy them. Having write permission on a directory without execute permission as well is useless: you can't do anything with just write permission.
Also note that this table contains a file permission setting called None. This row shows what you can do to the file based solely on the containing directory permissions that apply to you, even if you have no permissions at all for any individual file within the directory.
Some of the things you can do to files with the various file and directory permission settings are surprising or not obvious. These abilities are highlighted in the table in bold type. Note particularly the ability to delete files from directories based solely on the directory permission, regardless of the file permission setting.
| File permission | Directory: Execute only | Directory: Read plus Execute | Directory: Write plus Execute |
|---|---|---|---|
| None | Cannot do anything with the directory or its files (expected behavior). | Can get detailed file information (owner, size, etc.) for all files in this directory. | Can delete or rename existing files in this directory. Can make new files in this directory. |
| Read | Can read or copy the file. | Can read or copy the file (expected behavior). | Can read or copy the file. |
| Write | Can modify the contents of the file. | Can modify the contents of the file. | Can modify the contents of the file (expected behavior). |
| Execute | Can run the program contained in the file. | Can run the program contained in the file (expected behavior). | Can run the program contained in the file. |
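The row of the table that surprises most people is the one for a file with no permissions at all: in a directory where your group (or everyone) holds write plus execute, you can still delete or rename that file. As an added example (not from the original page), this Python builds a small constructed directory tree with exactly that layout and then audits it, reporting every file that group or other accounts could remove purely because of the containing directory's mode, regardless of the file's own mode. It checks mode bits with os.stat rather than trying the operations, so it works the same whether or not it is run as root; the sticky bit handling is an addition beyond what the page covers.

```python
import os
import shutil
import stat
import tempfile


def directory_exposure(dir_mode):
    """Return the non-owner classes ('group', 'other') that can delete or rename
    entries in a directory with this st_mode, i.e. that hold both w and x on it."""
    exposed = []
    if dir_mode & stat.S_ISVTX:
        # Sticky bit (not covered on the page): with it set, only a file's owner
        # (or the directory's owner) may delete or rename the file, so no exposure.
        return exposed
    if dir_mode & stat.S_IWGRP and dir_mode & stat.S_IXGRP:
        exposed.append("group")
    if dir_mode & stat.S_IWOTH and dir_mode & stat.S_IXOTH:
        exposed.append("other")
    return exposed


def find_deletable_by_others(root):
    """Walk root and report every file that group or other accounts could delete or
    rename because of the containing directory's mode, whatever the file's own mode."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        who = directory_exposure(os.lstat(dirpath).st_mode)
        if not who:
            continue
        for name in sorted(filenames):
            path = os.path.join(dirpath, name)
            findings.append({"path": os.path.relpath(path, root),
                             "deletable_by": who,
                             "file_mode": stat.filemode(os.lstat(path).st_mode)})
    return findings


def build_constructed_tree():
    """Create a throwaway tree (constructed test data) mirroring the table's rows:
       shared/   drwxrwx---  group members can delete anything inside
       private/  drwx------  only the owner can touch it
    Each directory holds one file with no permission bits at all (the 'None' row)."""
    root = tempfile.mkdtemp(prefix="permdemo-")
    os.chmod(root, 0o700)
    layout = {"shared": 0o770, "private": 0o700}
    for name, mode in layout.items():
        d = os.path.join(root, name)
        os.mkdir(d)
        f = os.path.join(d, "locked.txt")
        with open(f, "w") as fh:
            fh.write("constructed content\n")
        os.chmod(f, 0o000)   # the file itself grants nothing to anyone
        os.chmod(d, mode)    # set the directory mode explicitly, independent of umask
    return root


def cleanup(root):
    """Remove the constructed tree; the owner keeps w+x on every directory, so this works."""
    shutil.rmtree(root)


if __name__ == "__main__":
    root = build_constructed_tree()
    try:
        for finding in find_deletable_by_others(root):
            print("%-20s mode %s  deletable/renamable by: %s"
                  % (finding["path"], finding["file_mode"], ", ".join(finding["deletable_by"])))
    finally:
        cleanup(root)
```

Running it prints only `shared/locked.txt` with mode `----------`, deletable by the group: the file's own permissions play no part in that outcome, exactly as the "None" row under "Write plus Execute" states, while the same file under `private/` is not reported. Pointing `find_deletable_by_others` at a real shared directory gives a quick list of files whose survival depends on the directory mode alone.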