Objectives: Files and directories security
File Access Permission:
Just as Linux has password for unauthorized system access,it also has security to prevent
unauthorized access to files and directories .Different types of user need different types of access.
Types Of User:
As far as the file access is concerned there are three types of users.
- Owner
- Group
- Others
Owner(user):
The creator of the file or directory. If you created a directory and creates some files in it by yourself, you own them.
Group:
Each user is a member of defined group that has one or more member including owner.
Others:
This type of user includes everyone outsides the owner’s group
Types Of Access:
Just as there are three types of users you are concerned with ,there are three types of file access.
- Read
- Write
- Execute
Access Permission:
Having a type of access is referred to as the access permission. You can change the access permission of your own files. Following table is listing the command and all of its options for changing the access permission.
Command:chmod
Purpose: Changing access permission for one or more files
Format: chmod user-types [operation][permission] files-lists
User Types
u:user or owner of file.
g:group,owner belongs to.
o:all other user outside the owner’s group.
a :all three user types.
Operations
+: adding the permissions.
-: removing the permissions.
=: assigning he permissions.
Permission:
r:read Permission
w:write permission.
x:execute permission.
Examples1.
If you don’t want anyone else of your group member to read your file,but you ,so you can remove the read access from the group.
chmod g-r filename
Example2.
If you want to give your own file execute permission
chmod u+x filename
Example3.
Assigning group to user’s permission
chmod g=u filename
Example4.
Assigning all(ugo) to read and execute permission.
chmod a=rx filename
Example5.
Give read permission to others to all the files in mydir directory.
chmod o+r mydir/ *
Numbers:The numbers for the triplet is the octal value corresponding to the 3-bit pattern.4 for r,2 for w,1 for x.
u:rwx means 4 +2+1=7
g: r-x means 4+0+1=5
o:r-x means 4+0+1=5
chmod 755 filename
This means that “I don’t mind if other people read or run this file,but only I should be able to modify it.”
“You can check your default access by –l option of the ls command”
Script command:
Records everything printed on your screen. The record is recorded to the filename, if no filename is specified results are recorded to the file named transcript.
Syntax:
Script [-a]: Append the session record to filename, rather than overwrite it.
File compressing:
Gzip:
This compresses the file and places it into (.gz) extension.
Example1.
gzip filename1
In order to uncompress the file
gunzip filename1.gz
Q1.see what happened with Zcat filename1.gz
Tar:
The tar command bundles a bunch of files together and creates an archive (commonly called a tar file or tarball). The original files are not deleted after being copied to the tar file.
Example1.(To create an archive)
To create an archive using tar, use a command like this, which bundles all the files in the current directory that end with .doc into the alldocs.tar file:
tar -cvf alldocs.tar *.doc
Example2.
tar -cvf allfiles.tar mydir
Example3.
This will create a tar file named alldocs.tar containing all the files from the doc directory (and any of its subdirectories):
tar -cvf alldocs.tar doc/
Example(For extracting the archive)
tar -xvf alldocs.tar
This will extract alldocs.tar and copy all the files from the alldocs.tar file into the current directory. When a tar file is created, it bundles up all the files in a directory, as well as in any subdirectories and the filesin them. So when you’re extracting a tar file, keep in mind that you might end up with some new subdirectories in the current directory.
Alias:
The alias command can be useful if you want to create a ‘shortcut’ to a command.
The format is alias name=’command’
Example1:
alias list=’ls-l’
Example2.
alias dir=’mkdir’
To see list of all aliases created in your linux box,just type alias at the prompt.
To remove an alias, use the unalias command
Example
unalias list
Invoking vi:
To invoke vi, simply type the letters vi followed by the name of file you wish to create. You will see a screen with a column of tildes along the left side.vi is now in command mode. Anything you type will be understood as a command, not as text to be input. In order to input text, you must type a command. The two basic input commands are the following.
i: insert text to the left of the cursor.
a: append text to the right of the cursor
Since you are at the beginning of an empty file, it doesn’t matter which of these you type. Type one them and then type:
The quick
Brown
Fox will return.
Note that you press Esc key to end insert mode and return to command mode.
Cursor movement commands:
h:move the cursor one space to the left.
j:move the cursor one space down.
k:move the cursor one space up.
l:move the cursor one space to the right.
These commands may be repeated by holding the key down. Try moving around in your text now. If you attempt an impossible movement eg.pressing the letter k when the cursor is on the top, the screen will flash, or the terminal will beep.
Deleting text:
x: delete the character at the cursor.
dd: delete a line.
File saving:
: w save (write to disk)
:q exit
Make sure you are in the command mode by pressing the Esc key, Now type :w this will save your work by writing it to a disk file. The command for quitting vi is q .If you wish to combine saving and quitting just type :wq. There is also a convenient abbreviation for :wq –ZZ.Since much of your programming work will consist of running a program, encountering a problem, calling up the program in the editor to make a small change, and then exiting from the editor to run a program again,ZZ will be the command you use often.(Actually.ZZ is not an exact synonym for :wq,if you have not made any change to the file, you are editing since the last save ,ZZ will just exit from the editor whereas :wq will (redundantly) save before exiting)
If you hopelessly messed things up and just want to start all over again, you can type :q!(remember to press the Esc key first).If you omit ! ,vi will not allow to quit without saving.
Tasks to be performed.
1.Examin your extended listing to see your default access permission. If you can, check the access permission in the root directory.
2.list your any created directory. Now remove your own read and execute permission and then list it again. See what message shows.
3.Remove the write permission for any of your created file. Then try to add some data in it. See what message shows.
4.Execute any vi file. If permission is denied then first assign it permission for execution then try to execute.