Permissions

Every file on your system has an owner, who is one of the users (usually the one who created the file), and a set of permissions that regulate access to the file.

For ordinary files, there are 3 types of access permissions: read, write, and execute (the latter only makes sense for executable files). They can be set independently for 3 categories of users: the file owner, the users in the group owning the file, and everyone else. Discussion of groups of users goes beyond the scope of this document; the other two categories are self-explanatory. So, if the permissions on a file /home/sasha/talk.txt are set to read and write for user sasha, who is the file owner, and read only for everyone else, only sasha will be able to modify this file.

All newly created files carry some standard permissions, usually read/write for user and read only for everyone else. You can view the permissions using the GNOME File Manager, by right-clicking on the file, choosing Properties in the pop-up menu, and then the Permissions tab. Using this dialog, you can also change the permissions: just click on a square representing the permission to toggle it. Of course, only the file owner or the system administrator can change the permissions of a file. Advanced users can also change the default file permissions which are assigned to newly created files; see the manual pages for your default shell (usually bash, csh or tcsh) and look for the command umask.

A file can also have some special permission properties such as the set-UID, set-GID, and "sticky" bits. They are for advanced users only; do not change them unless you know what you are doing. (If you are curious: these permissions are typically used on executable files to allow the user to execute some commands which read or modify files to which the user himself doesn't have access.)

Like files, directories also have permissions. Again, there are 3 possible permissions: read, write, and execute. However, they have different meanings: "read" permission for a directory means permission to list the contents of the directory or search for a file; "write" means permission to create and remove files in the directory; and "execute" means permission to access files in the directory.

Note that the permissions granted to a file depend on the permissions of the directory in which the file is located: in order to be able to read a file, a user needs to have the read permission for the file itself and "execute" permission for the directory that contains it. So, if user sasha doesn't want anybody else to see his files, he can achieve this by removing the execute permission on his home directory for all other users. This way, no one but himself (and, of course, root) will be able to read any of his files, no matter what the permissions of individual files are.
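The rule above can be checked from the mode bits alone. The following Python sketch is an added example, not part of the original documentation: the function name `other_read_blocker` is hypothetical, and a temporary directory stands in for /home/sasha.

```python
import os
import stat
import tempfile


def other_read_blocker(path, top):
    """Return None if "everyone else" may read `path`, else the blocking component.

    Looks only at the "other" permission bits: every directory from `top`
    down to the file's parent needs execute, and the file itself needs read.
    ACLs, group membership and root's override are outside this check.
    """
    path, top = os.path.realpath(path), os.path.realpath(top)
    chain, d = [], os.path.dirname(path)
    while True:  # collect the directories between the file and `top`
        chain.append(d)
        if d == top:
            break
        parent = os.path.dirname(d)
        if parent == d:
            raise ValueError("path is not located under top")
        d = parent
    for directory in reversed(chain):  # outermost directory first
        if not os.stat(directory).st_mode & stat.S_IXOTH:
            return directory
    if not os.stat(path).st_mode & stat.S_IROTH:
        return path
    return None


def demo():
    """Constructed stand-in for /home/sasha/talk.txt inside a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        home = os.path.join(os.path.realpath(tmp), "sasha")
        os.mkdir(home)
        talk = os.path.join(home, "talk.txt")
        with open(talk, "w") as fh:
            fh.write("notes\n")
        os.chmod(talk, 0o644)  # read/write for owner, read only for the rest
        os.chmod(home, 0o755)
        before = other_read_blocker(talk, home)
        os.chmod(home, 0o754)  # remove only "execute" for everyone else
        after = other_read_blocker(talk, home)
        return before, after == home


if __name__ == "__main__":
    print(demo())
```

With mode 0754 the file's own permissions are unchanged, yet the check reports the home directory as the component that blocks other users.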

A detailed explanation of the permission system can be found, for example, in the info page for the GNU File Utilities package.