Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

How to Protect Files and Directories in Linux

One important aspect of securing the host is protecting important system files - and the directories on your Linux system that contain these files. In Linux, you can protect the files through file ownership and the permission settings that control who can read, write, or (in the case of executable programs) execute the file.

The default Linux file security is controlled through the following settings for each file or directory:

User ownership
Group ownership
Read, write, execute permissions for the owner
Read, write, execute permissions for the group
Read, write, execute permissions for others (everyone else)

How to view ownerships and permissions in Linux

You can see settings related to ownership and permissions for a file when you look at a detailed listing with the ls -l command. For example, in Ubuntu, type the following command to see the detailed listing of the /etc/inittab file:

ls -l /etc/inittab

The resulting listing looks something like this:

-rw-r--r-- 1 root root 1666 Feb 16 07:57 /etc/inittab

The first set of characters describes the file permissions for user, group, and others. The third and fourth fields show the user and group that own this file. In this case, user and group names are the same: root.

How to change file ownerships in Linux

You can set the user and group ownerships with the chown command. If the file /dev/hda should be owned by the user root and the group disk, you type the following command as root to set up this ownership:

chown root.disk /dev/hda

To change the group ownership alone, use the chgrp command. Here's how you can change the group ownership of a file from whatever it was earlier to the group named accounting:

chgrp accounting ledger.out

How to change file permissions in Linux

Use the chmod command to set the file permissions. To use chmod effectively, you have to specify the permission settings. One way is to concatenate one or more letters from each column of the table below, in the order shown in the table (Who/Action/Permission).

File Permission Codes
WhoActionPermission
u(user)+(add)r(read)
g(group)(remove)w(write)
o(others)=(assign)x(execute)
a(all)s(set user ID) 

To give everyone read and write access to all files in a directory, type chmod a+rw *. To permit everyone to execute a specific file, type chmod a+x filename.

Another way to specify a permission setting is to use a three-digit sequence of numbers. In a detailed listing, the read, write, and execute permission settings for the user, group, and others appear as the sequence

rwxrwxrwx

with dashes in place of letters for disallowed operations. Think of rwxrwxrwx as being three occurrences of the string rwx. Now assign the values r=4, w=2, and x=1. To get the value of the sequence rwx, simply add the values of r, w, and x. Thus, rwx = 7.

With this formula, you can assign a three-digit value to any permission setting. If the user can read and write the file but everyone else can only read the file, for example, the permission setting is rw-r--r--, and the value is 644. Thus, if you want all files in a directory to be readable by everyone but writable only by the user, use the following command:

chmod 644 *

RSS Feed RSS Feed


Follow Stephen Bucaro Follow @Stephen Bucaro


Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2018 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268