File types & File Permissions in Linux

Information about File Types and File Permissions in Linux.

File Types:

Most filesystem implementations define seven types of files. They are:

  • Regular Files “-”

  • Directories “d”

  • Character Device Files “c”

  • Block Device Files “b”

  • UNIX domain sockets “s”

  • Named Pipes (FIFOs) “p”

  • Symbolic Links “l”

Regular Files:

A regular file is just a bag of bytes. Unix imposes no structure on its contents. Text files, data files, executable programs and shared libraries are stored as regular files.

Directories:

A directory contains references to other files.

The special entries “.” and “..” refer to the directory itself and to its parent directory. They cannot be removed.

Character and Block Device Files:

These files allow the Linux kernel to communicate with the system’s hardware. The Linux kernel deals with hardware with the help of modules. The module for a particular piece of hardware is called a device driver.

Character device drivers are used for serial devices, and block device drivers handle parallel and storage devices.

Unix Domain Sockets:

Sockets are connections between processes that allow them to communicate.

Unix Domain sockets are local to a particular host and are referenced through a filesystem object rather than a network port.

Unix sockets are created with the socket() system call and can be removed with the “rm” command or the unlink() system call.

Named Pipes:

Named pipes allow communication between two unrelated processes running on the same host. They are also known as “FIFO files”. The “mknod” command is used to create named pipes.

Symbolic Links:

A symbolic or soft link points to a file by name.

================================================================================

File permissions are crucial in Linux. They are a very important part of Linux security.

If you run ‘ls -l’ in any directory on Linux, you will see output like the following.

Permissions  Links  User    Group  Size   Date & Time   Filename   Source path
-----------  -----  ------  -----  -----  ------------  ---------  -----------
drwxrwxrwx   3      root    root   1024   Jul 17 15:02  Desktop
drwxr-xr-x   18     neel    user   32768  Jan 1 19:70   Test
lrwxrwxrwx   1      oracle  dba    17     Jul 20 19:57  Inv        -> ../etc/oraInst
-rw-r--r--   1      root    root   9261   Jul 17 22:24  dmesg.log
| |  |  |
| |  |  +--- other’s permissions
| |  +------ group’s permissions
| +--------- user’s permissions
+----------- file type

First character defines the type of file.

d => dir

- => file

l => link

b => block

c => character

Here rwx means ->

r = read = 4

w = write = 2

x = execute = 1

Change a user’s group:

# usermod -g <group> <user>

# usermod -g <primary_group> -G <secondary_group> <user>

Modify group:

# groupmod -n <new_groupname> <old_groupname>

Change ownership:

# chown <user>:<group> <file>

# chown -R <user>:<group> <directory>

Change permissions:

We can change permissions by 2 methods:

  1. Octal Method -> Here we use numeric permissions

  2. Symbolic Method -> Here we use character permissions

# chmod xxx <file> -> Octal method

# chmod -R xxx <directory> -> Octal method; here -R is for recursive

# chmod [ugoa][+-][rwx] <file> -> Symbolic method

# chmod -R [ugoa][+-][rwx] <directory> -> Symbolic method, recursive

In the above example, let’s look at the permissions of “Desktop”:

drwxrwxrwx 3 root root 1024 Jul 17 15:02 Desktop

d -> for Directory

First rwx   -> Readable, writable and accessible to the owner, i.e. root

Second rwx  -> Readable, writable and accessible to the group, i.e. root

Third rwx   -> Readable, writable and accessible to others. That means it is world-writable, which is not secure.

Please note that a directory must have ‘x’ in its permissions, otherwise it cannot be opened. Also, if a file has ‘x’ in its permissions, that file becomes executable.

————————————————————————————————————————————————

 Umask

Umask is for User Mask. It sets the file mode creation mask.

By default, Linux wants to create a file with ‘666’, i.e. ‘rw-rw-rw-’, and a directory with ‘777’, i.e. ‘rwxrwxrwx’, permissions. But the umask setting changes this.

Run the command below to see your current umask.

# umask
0022

So here the umask is 0022. Whenever I create a new file, by default its permissions will be

0666 - 0022 = 0644. That means ‘rw-r--r--’

And whenever I create a new directory, its permissions will be

0777 - 0022 = 0755. That means ‘rwxr-xr-x’

Remember, ‘x’ is a must for a directory.
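An added example (not part of the original article) that checks the two results above by actually creating a file and a directory under a chosen umask. The helper names mode_under_umask and masked_mode are hypothetical; masked_mode uses the rule the kernel applies, base mode AND NOT umask, which matches the subtraction above for 0022 but not for a mask such as 0033.

```bash
#!/bin/sh
# Added example: observe the effect of a umask on newly created files/directories.

# mode_under_umask <umask> <file|dir>
# Creates a new file or directory under the given umask (in a throwaway
# temp directory) and prints its 10-character mode string as shown by ls -l.
mode_under_umask() {
    tmp=$(mktemp -d) || return 1
    (
        umask "$1"                       # only affects this subshell
        if [ "$2" = dir ]; then
            mkdir "$tmp/new"             # requested mode 0777
        else
            : > "$tmp/new"               # requested mode 0666
        fi
    )
    ls -ld "$tmp/new" | cut -c1-10
    rm -rf "$tmp"
}

# masked_mode <base-octal> <umask-octal>
# Prints the resulting mode: every bit set in the umask is cleared
# from the base mode (base & ~umask). This is not plain subtraction.
masked_mode() {
    printf '%04o\n' $(( 0$1 & ~0$2 ))
}

# Demo: umask 0022 as in the article, then 0033 where subtraction would
# wrongly suggest 0633 for a file.
for m in 0022 0033; do
    echo "umask $m: file $(masked_mode 0666 "$m") $(mode_under_umask "$m" file)," \
         "dir $(masked_mode 0777 "$m") $(mode_under_umask "$m" dir)"
done
```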

————————————————————————————————————————————-

SetUID and SetGID

 1. It applies to executables only.

 2. When ‘setuid’ is enabled, the file is executed under the user ID of the file owner. In other words, if an executable program is owned by root and the ‘setuid’ permission is set, then no matter who executes that program, it runs as if being executed by ‘root’.

 3. This means that the program can do a lot more [e.g. read all files, create new files and delete files] than a normal program could do.

 4. This can be extremely hazardous if the executable has a security hole that crackers can exploit.

 Examine /usr/bin/passwd

-r-s--x--x 1 root root 16K Feb 14 2003 passwd

It has ‘s’ in the owner permissions field, which means ‘setuid’ is enabled. Because of this, whoever runs the ‘passwd’ command, it loads into RAM as if being loaded by ‘root’. That is why users can change their passwords.

Passwords are stored in /etc/shadow. It has 600 permissions, i.e. only root can modify it.

To setuid,

# chmod u+s <file>
or
# chmod 4511 <file>

Whenever ‘setgid’ is enabled, the program comes into RAM with its group owner’s permissions.

To setgid,

# chmod g+s <file>
or
# chmod 2511 <file>

 5. To see all setuid-enabled programs:

# find / -type f -perm -4000 -print

—————————————————————————————————————————————-

 Sticky Bit

The most common use of the sticky bit today is on directories. When the sticky bit is set, only the item’s owner, the directory’s owner, or the superuser can rename or delete files. Without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of owner. For example, /tmp has the sticky bit set.
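An added example, not from the original article: a small audit that lists setuid/setgid files and world-writable directories that lack the sticky bit, run here against a constructed sample tree. The function names and the sample file names are hypothetical.

```bash
#!/bin/sh
# Added example: audit a directory tree for the special permission bits
# discussed above. All sample files are constructed in a temp directory.

# list_setid <dir>: regular files with setuid (4000) or setgid (2000) set.
list_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sort
}

# list_unsticky_world_writable <dir>: directories writable by "other"
# (0002) that do NOT have the sticky bit (1000), so any user can delete
# or rename another user's files inside them.
list_unsticky_world_writable() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print | sort
}

# make_sample_tree: builds a constructed tree and prints its path.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    : > "$d/plain"; chmod 0644 "$d/plain"     # ordinary file
    : > "$d/suid";  chmod 4511 "$d/suid"      # -r-s--x--x, like passwd above
    : > "$d/sgid";  chmod 2511 "$d/sgid"      # -r-x--s--x
    mkdir "$d/open" "$d/tmp-like"
    chmod 0777 "$d/open"                      # drwxrwxrwx, no sticky bit
    chmod 1777 "$d/tmp-like"                  # drwxrwxrwt, like /tmp
    printf '%s\n' "$d"
}

# Demo run against the constructed tree.
tree=$(make_sample_tree)
echo "setuid/setgid files:";                 list_setid "$tree"
echo "world-writable dirs without sticky:";  list_unsticky_world_writable "$tree"
rm -rf "$tree"
```

Pointing the two functions at a real path such as / works the same way; -xdev keeps the search on one filesystem.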

Neelesh Gurjar has written 122 articles
