To understand how to limit access to a file to 4,990 of the users on a system that supports 5,000 users, a basic understanding of file permissions on a UNIX system is necessary. A user can perform three basic actions on a file: read, write, and execute. These three actions are represented by r, w, and x respectively. A UNIX system uses a combination of these characters to control the file permissions. The first three characters represent the owner’s permissions, the middle three characters represent the group’s permissions, and the last three characters represent the permissions of others. A sample file permission would look like the following:
Owner Class    Group Class    Other Class
r w _          r _ _          r w x

A file with these file permissions would give the owner class read and write access, the group class read access, and the other class read, write, and execute access. Normally file permissions are represented by three numbers, each ranging from 0 (no permissions) to 7 (full permissions). The following example should make for a clearer picture:
Owner Class    Group Class    Other Class
r w _          r _ _          r w x
4 2 1          4 2 1          4 2 1

This file permission would be displayed as 647. The first number represents the owner class. The owner has read and write permission, so the 4 and 2 are added to equal 6. The second number represents the group class, which only has read permission and is displayed as 4. The other class has read, write and execute permissions, which is represented with a 7 (4+2+1).
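The conversion described above, worked through in Python as an added example that is not part of the original text. It goes one step further and shows which single class a UNIX system consults for a given user; the function names and the uid/gid numbers are constructed for illustration.

```python
import stat

# Value of each permission character, as in the table above.
BIT_VALUES = {"r": 4, "w": 2, "x": 1}


def symbolic_to_octal(perms):
    """Convert nine characters such as 'rw-r--rwx' to a string such as '647'."""
    if len(perms) != 9:
        raise ValueError("expected nine characters, three per class")
    digits = []
    for start in (0, 3, 6):                      # owner, group, other
        total = 0
        for expected, actual in zip("rwx", perms[start:start + 3]):
            if actual == expected:
                total += BIT_VALUES[expected]
            elif actual not in "-_":             # the text writes '_' for an unset bit
                raise ValueError(f"unexpected character {actual!r}")
        digits.append(str(total))
    return "".join(digits)


def effective_permissions(mode, file_uid, file_gid, uid, gids):
    """Return the r/w/x set that applies to a user (root is not modelled).

    Only one class is consulted: owner if the uid matches, otherwise group
    if the user belongs to the file's group, otherwise other.
    """
    if uid == file_uid:
        digit = int(mode[0])
    elif file_gid in gids:
        digit = int(mode[1])
    else:
        digit = int(mode[2])
    return {name for name, value in BIT_VALUES.items() if digit & value}


if __name__ == "__main__":
    mode = symbolic_to_octal("rw-r--rwx")
    print(mode, stat.filemode(stat.S_IFREG | int(mode, 8)))
    # Constructed ids: file owned by uid 1000, group 2000.
    print("owner :", sorted(effective_permissions(mode, 1000, 2000, 1000, {2000})))
    print("member:", sorted(effective_permissions(mode, 1000, 2000, 1001, {2000})))
    print("other :", sorted(effective_permissions(mode, 1000, 2000, 1002, {3000})))
```

With mode 647, a member of the file's group gets read-only access while every user outside the group gets read, write, and execute, because the group digit is consulted instead of the other digit.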
With this understanding of file permissions, groups can be created to limit access based on who is in the group. The command groupadd access will create a group with the name access. Users can then be added to the access group with the useradd command. Once a group is created, the group class of a file’s permissions can be changed with the chgrp command. To change the group class to