Notice the first column which has 10 entries "-rw-r--r--". This should be divided out into 4 sections.
This first set of rwx controls what the owner of the file can do with it. This second set of rwx controls what the group users of the file can do with it. This second set of rwx controls what all other users of the file can do with it. What is rwx for files?r = read (4) w = write (2) x = execute (1) If an "r" shows in a field, then the users defined by that field are able to read the file. If a "w" shows in a field, then the users defined by that field are able to write to the file. If a "x" shows in a field, then the users defined by that field are able to execute that file.How does rwx work on Files?The following tests are run as follows: Create a new directory and set its permission to full control (0777). Create 8 new files with permissions as listed in the table. Then began performing the various actions and noting the results. The owner and group are set to root, I am testing as a non-root user.File Permissions
remove file = yes* - These files gave a "rm: remove write-protected file 'filename'?" error. Saying "yes" removes these files. Also performing a "rm -rf" file removes the file without any warning. The ability to remove a file is controlled at the directory level. How does rwx work on Directories?The following tests are run on 8 directories with permissions as listed in the table. Each of these directories contain 1 file each with full permissions (0777) on the file. The owner and group are set to root, I am testing as a non-root user.Directory Permissions
ls = yes* - Only the files are listed with error. No other file attributes are able to be listed. File name completion works in these cases as well. Using the"file" CommandStrange way to use the sh Command
File actually executes Executing a script8 directories with 8 scripts each were created. The 8 directories had the 8 different combinations of the permissions - so did each of the 8 scripts in each of the directories. 64 scripts in all. The following results were noted:Directory/File permissions 0771/0775 and 0777 ran, 0770 thru 0774 and 0776: permission denied* 0773/0775 and 0777 ran, 0770 thru 0774 and 0776: permission denied* 0775/0775 and 0777 ran, 0770 thru 0774 and 0776: permission denied* 0777/0775 and 0777 ran, 0770 thru 0774 and 0776: permission denied* 0770/all: permission denied 0772/all: permission denied 0774/all: permission denied 0776/all: permission denied denied* - All of these gave a strange error on 0771 and 0773 - seems like "r" on the file permission is required for execution Executing a script by way of "cat script| sh"8 directories with 8 scripts each were created. The 8 directories had the 8 different combinations of the permissions - so did each of the 8 scripts in each of the directories. 64 scripts in all. The following results were noted:Directory/File 0771/0774 thru 0777 ran, 0770 thru 0773: permission denied 0773/0774 thru 0777 ran, 0770 thru 0773: permission denied 0775/0774 thru 0777 ran, 0770 thru 0773: permission denied 0777/0774 thru 0777 ran, 0770 thru 0773: permission denied 0770/all: permission denied 0772/all: permission denied 0774/all: permission denied 0776/all: permission denied |