Greetings fellows comrades 🧙🏻♂️
In Linux, permissions and controls is managed by the File System, I know you have heard about the guy. To refer FHS (Filesystem Hierarchy Standard)
The kernel uses the user and group-based security model to control access to system files and resources.
Each time a user attempts to access a file, the kernel checks the permission against the user identity and the group.
Representations of Permissions
——————————————
Binary|Octal|rwx
000 | 0 | —
001 | 1 | –x
010 | 2 | -w-
011 | 3 | -wx
100 | 4 | r–
101 | 5 | r-x
110 | 6 | rw-
111 | 7 | rwx
——————————————
/** r = Permission to Read (value 4) ;
w = Permission to Write (Value 2) ;
x = Permission to Execute ( Value 1);
Sum == 7 ; 🧙🏻♂️
**/
Types of users
UGO - USER GROUP OTHERS
Owner/User: The user who owns the file or directory.
Group: A group of users who have common permissions on the file or directory.
Others: All other users who are neither the owner nor members of the group.
The example
- Owner (root): Can read and write in the file (
-rw). - Group (yourgroup): Can read (
r--). - Others: Can read (
r-x).
📁 Everything is a File 📁
Yes, at the kernel level, Linux treats pretty much everything as files. This concept is fundamental to the philosophy of Unix.
All files, and files that point to others files but lets think about the default permission level set when we create a directory.
//d is for Directory
Why the directory permission set is 755? (rwx r-x r-x)
Well, its because the user mask (umask) by default 666 for files and 777 for directories (use the command ‘umask’ in your terminal and see before your eye)
Default for files: 666 (rw-rw-rw-)
Umask: 022 (—w–w–)
Permission: 644 (rw-r–r–)
// Is nice thing to do in terms of security; the execution bit in the files is not enabled by default
Default for Dir: 777 (rwxrwxrwx)
Umask: 022 (—w–w–)
Permission: 755 (rwxr-xr-x)
In most Debian-based systems, the umask is preconfigured to 022, but you can configure bespoke. Exemple add umask 007 to set it so only the user and members of the user group have permission.
You are able to play with these commands: chmod: Used to change file/directory permissions.chown: Used to change file/directory ownership.
Special Permissions
In addition to the three general-purpose permissions (rwx) it has a special permissions SUID and SGID, which we will explore in the next article, not only the mechanism but about the nefarious vulnerabilities in order to Privilege Escalation.
Refer:
https://www.tecmint.com/everything-is-file-and-types-of-files-linux/
https://en.wikipedia.org/wiki/Everything_is_a_file
https://www.redhat.com/sysadmin/linux-file-permissions-explained
https://linux.die.net/man/1/chmod
Leave a Reply