Archive for the ‘5 - Modifying file rights’ Category

V – Modifying file rights

onsdag, juni 23rd, 2010

To summerize the previous chapter – every file and directory in a linux file system requires certain rights in order to modify them, the needed rights are often different if your the file owner, a group fan or just another junkie and I’ve been a gangster since I was about two cocks high.

But these rights aren’t consistent over time. You’re able to modify the rights with the command ‘chmod‘ (abbreviated from ‘change mode’). In most linux implementations this is true only if you’re root user. No other loose players are able to fuck around changing permissions for the file. For a file ‘BloodyHammer’ with rights ‘-rw-rw-r–’ if you’re the owner you could execute ‘chmod u+x BloodyHammer‘ in order to get execution rights, ‘-rwxrw-r–’.
u‘ is for ‘user’
g‘ is for ‘group’
o‘ is for ‘other’

If you don’t want anyone but yourself to be able to play with the file (I’m mean why should you, what have they ever done for you?) you could exec ‘chmod go-rwx BloodyHammer’ which is translated into “for ‘group’ and ‘others’ take away ‘read’, ‘write’ and ‘exec’ rights”.

You can also specify rights by using a bitmask.
read=4
write=2
exec=1
no rights=0

So if you want to give user all read, write and exec rights this sums up to 4+2+1=7
You want to give group users read and execute rights only 4+0+1=5
All others should not be able to do anything with the file 0+0+0=0
So now we can set our new file permissions with ‘chmod 750 BloodyHammer‘ capishe?

There are a couple of other syntaxes here but you get the point.

As stated above you need to be logged in as root in order to change the ownership of a file/directory. If you are, this can be done with ‘chown‘ (‘change owner’). With ‘chown’ you can also modify group ownership as well – just add a colon after the new owner name followed by the new group. Example: change the owner to ‘testuser’ and group to ‘admin’ for file ‘helloworld.sh’ – ’sudo chown testuser:admin helloworld.sh’ (now, don’t you worry ’bout the ’sudo’ prefix for now. We use it to tell the system to execute our cmd as the root user. We’ll get back to this in chapter ‘VII – Users and groups’)

ls -l
# -rwxr-xr-x 1 sgar sgar 230 2010-06-22 15:22
helloworld.sh

sudo chown testuser:admin helloworld.sh
ls -l
# -rwxr-xr-x 1 testuser admin 230 2010-06-22 15:22 helloworld.sh

If you’d like to change the group only you can use cmd ‘chgrp’
sudo chgrp sgar helloworld.sh
ls -l
# -rwxr-xr-x 1 testuser sgar 230 2010-06-22 15:22 helloworld.sh

There are more to this file rights shit but I’d just leave it here for now. Along with the usual pornography I recommend some careful reading of the commands ‘setuid‘ and ‘setgid‘ which grants a non-privileged user to execute files with the additional rights of the owner.