UNIX file protection

UNIX divides the user community into three categories:

u

represents user, who owns the file.

g

represents group, consisting of researchers that belong to the same PSC grant. Users can belong to a set of groups, allowing them to share portions of their files with different groups of users.

o

represents other, including all other users on the system.

There are three permissions that can be given to each of these categories of users:

r

meaning read, which allows a user to view or copy the file, or list the contents of the directory.

w

meaning write, which allows a user to edit a file. In the case of directories, write permission allows a user to delete or add files.

x

meaning execute, which allows a user to execute the program or shell script contained in the file. In the case of directories, this permission enables a user to execute programs he knows reside there.

Displaying permissions

In order to display the permissions associated with a file fred.f, execute:

    ls -l fred.f

which displays the following information:

 
    -rwxrw-r-- 1 username groupname 234 Feb 6 11.:46 fred.f

The first string

    -rwxrw-r--

represents the permissions. For files, as in this case, the first character is a -. For directories, it would be a d. The remaining nine characters represent the read, write and execute permissions for user, then the read, write and execute permissions for group, and finally the read, write and execute permissions for other.

If one of the permissions has not been granted, a - appears. In the example above, group has no execute permission, and other has only read permission.

Setting permissions

The default protection for user files and directories is:

    -rwxr-x---

which grants user all permissions, and group read and execute permissions.

You can override this default with the umask command. You can also change the permissions of specific files with the chmod command.